OCGIFINDEX(r5, 0x8914, &(0x7f0000000000)={'ipvlan0\x00', r7}) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000bc0)={'vxcan1\x00', r7}) sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000ec0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000c00)={0x268, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKINFO_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @ETHTOOL_A_LINKINFO_HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKINFO_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKINFO_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKINFO_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKINFO_HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_LINKINFO_HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x268}}, 0x40000) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 18:39:59 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x88) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) r3 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = socket(0x100000000011, 0x0, 0x0) r5 = geteuid() setsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@loopback, @in6=@local, 0x4e22, 0x8000, 0x4e22, 0x0, 0x2, 0x60, 0xa0, 0x3c, 0x0, r5}, {0x5, 0x100000001, 0xffff, 0x5, 0x8, 0x6, 0x0, 0x2}, {0x10001, 0x0, 0x1, 0x3}, 0x0, 0x6e6bb8, 0x1, 0x1, 0x2}, {{@in6=@private1={0xfc, 0x1, [], 0x1}, 0x0, 0x32}, 0x2, @in6=@private0, 0x3505, 0x3, 0x3, 0x9b, 0xb650, 0x40, 0x400}}, 0xe8) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@loose='loose'}, {@dfltgid={'dfltgid', 0x3d, r9}}]}}) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001bc0)=[{&(0x7f0000000040)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000000c0)=[{&(0x7f00000002c0)="6f5768e45f84a4040741ba96ff09ff8ad3def08acebc3f3525b9417337f0751d9729ca9dc1cd6786136cfc72f89f25790987008cb0ed6d2c9f0c20c28b67c78a979da0a86695d44f703a6b7159feefd4ee0fdd77201290e6c10ce435757052be03b82665f1e08e68e5465d15ad5f242a473a4d23c9adfcc4f6277607ae9b6881470db4d394b3e5f2fdab45732f83d0ac11ceb407a9fe5c4d6d3f286b00d9a0bbb7add7bd6ed768b65f9e3951ccf85ed9d70f589d69857d11bb54e96d86f5ff39a91ccf74b58332f04847e6d95cb96b2ee9d5dad9a85e0a3f9f23fd4115d512e829da9055af63baf33ccba1023cfd6a91d8a03b83b49bbccab5d5a024bb9572076d3a041cf8f5cb0dd2a22cc79106ec5237d3a6a23395bc0581d3fac7552b0c6cce5c3e89cf1cb95672c96ee994fdaad309f54b60f5e3073ac7e85f9bf524f5b9cd935d8b49aaf19814db9e2b8e2b134de72f1ec969c6fd32e96628c8457f3b2028ce486a4a13147e0a1d1e4a3f2745c55103a12aa593bef497b4f8b28d0dd05a73f05949fa9fb6cd2f704d4ddd76fbdfbd216cf3a82d3eb13d73b1d3168692228188ffe21e6286e6fa178bfc5f4717918f253e5f1f5d4b4d884f66f8341170a19cc92dd8fe938d2649c203f6fb02839d89002441405e044f3439fec8435935b213e6ecf50c14e3a9d5d5b229d29ab142dcc94e64b316e69fb944bda214a50d5b61fcc5eb71fdbefdd5ef72d71afb1ebab59fc61b37f293986b9240d8beef5746d90f75f7fb4a871473d6d57cec25a576d4512ca8594d0387341b82e41e64a8c967268aa7fb17beb03dec634679133cf36cf11e4706b1cee950c6c2614f4a4883a550137d4d0dca0574a3fc28d245090eff18591627894839384c90563ab544ddee1ba062f80c19d2619427f151b387dae1747d0a3667cc55da4f33d8b5a401927c5dcad2887c7caeeba9e50ad1065a80315eff1ff5af4848f3de4d016cb1051a4ab68a303fadc63093e5651458583cb8dce9edf686fb57844ec0c9b2926383cbab3dd3b8f5255002fb79ac2e4b14064781c7ee95f3686250e8fd41b302725669f0b487bd3b1ccc463ef2968a9a737ee46aba9a2f70ef0f7a51bf5cf8cd1934c8d785137b9f69e3dbdf516c9c92291d401cb3e91e56058927387017eb52fe0ecf5064a6dc0c13413f52d51ebee288f68169a3aa3f42b7e17486dd111edcec1aaa2e710d163dd2bea08b7c8d53673b9d7f574bf247130a134bd96e6a5153deb1d86a3da12833e0e0bb03a7352553e5884dd33a7b96460046e1bac0301c16466d546d3fffc6b42700e130787ac104c9f1e9c19b26349985af651414712a890d26824f7ac949330a2e526511288c28b277571eece02fc4fea25ee58c97f32228b3afa93632e7953cc887f59b0da6298d4240ec17317be633d68e76ac4dc3b4dd3687cf80aa0df77a4f5c6874f9a1fa1a04e58e2f13a61b87695596a4ebca9b0b151aae979398c2fe15593c55b558fb50b7bdc8fbc753d9a4b91714dd1aaff6c7db312708a9f53239af5efceb9aea850341ea999fc859f3f3b3fa8410783363efe4577e2f8e1b3d01b4b763f8b52b1afaa7d049f48d4408d06a2932cb554b42be82778ecc43ed919b1e8622aeeb5676f954862997e6fb76376814d7858b5389fcaeef735ee177ad04b184cd1e07a930523ad9458c870578821151a7f2dac90c4c4c9739d5187442638b2309113c4370931b269ba891f0d37c43669ff66762416c906672be4fd93cddd104f20c7de8a6a90294232740694f6291a3d62874c34a2a1fbf9db7eab9f863e2c2375bb71fc90f5e67e5cfa09fbd40c2423bb575665300344f9b19605354e1b8fc3bfcb84323d7c4f1049b8e1a931a836419050848bb7e1b62fb9bb3bc792aa7b491c00c66c4fc0f5cf8169e9d5d958a975b3e9e9c5ddc6c329e205d0375c039f2ec1a9a13a6e2d44e12185eff0a4c7c0676c0f182444ec27e555c702caeebab497b9e68e77460ff9e2b78eb99f31bc257f739993d5585c8a5ead074f20fb776baeaf5436edc807d17931d9d242f8e793762df3de3954afc694a53a2c4d836229ccd34464105aacba3e32c1d2c7e56af649274639022226c86633dd1c5d1b337470dd41bbb48c9b963a0ee5495d982bf8bc52229942f14fe70d422edf4914f43c21c51e9798c3c13e15ac4ec833fa7c9f7d6a986412cf092ade2af18d3a9eb92285463419d19cb58523b7c492452f73f9d88d2efda6bd6876d27378224575ca1780027ac31d5febf087a2c179af050b81d61de83c044fa83dedda2239618adf2f20b55e099b661c2fb61b2c7788adf15d096d7e4351fbbfc82e6a6b021fd20a5b85c2c18edd3fb0b8a791db04ad06703bf27954e5eaf509227a7d56d1dd3a27abf4292241f41976f6144b22a67e5c2b2faca6228a75dc1d8fc472139da25e446dc30170a57dd3c1b455dd897ab95426055682380890088215a702719afc79dddd2137dcad98976a8951e493847fc39c80ecc9928a5b7f6b92dc2816601998b078daacccb5ae66aed43fc5c286677a2a0eab5f61bf6c6d9d34db773382fe7cacbd20813edf6d548162d55739fec4fed52321ebcc68309a931ca118a56850223fc32aa06bb96846d6baa9467a0d286e8ff78a074eaf65cf5bd5dc065e510fdd212f07918fd4dd0a26269ad7d42e1d6dbef2da881bb349aebb05e14c1051c5a42db50cc4f1b080de3ac001d75c0443b8084bebe6474d46cef5e06262dda2974771c947f33fb125bbead8a3d4573cbb35d3ad6fde12e81fcaec90e82a1b6a0281eb49e146576cf893110ea14a6204327a1ebbc9d229a4fa5a0ba70a2ce044697408bdbf4d00bf5ea00274dd25bc00cca89f4d50cacbb205f511b9266933c48ff72f4b20410070526350e4c4b5fa5959012c2696ce7af61a4e2d338969e21009d993f6e1ffc3721a0927cb779d49fb685972f5d466ba30f1841cf796b263870a0873460063a770e4dc30dd2b9651f3008c1afc154d49aebaa82de40cd825c3121caab1bca8aed773370d71722ade925b8c6cae999ff592a3d624f4419c651eccd69034491e91ed4fff23eecdb5ee6571499e06423bc2a86df9451d437a09917a1ddf884e56b964ad32bf8d9333ec7ca792d957d7303f43f0ddf9d8b2d61db8b78a550462bde7be5e3bea92ac0491a417f3def4b76f99a958b86b3f790c4c71e63cc5a47e8b50f6e4bb12b348e5218d5ad9affb271422fba457c27ce22407994af4448366730ccfdb8ceb3604590fb210ab16cbf152db865c6fe31556e843acb79d6eff380773e8d9ec02831102e4ab642fdefa7929f8538a9c2ecedde93836654636942db11452d85c1d7eec3a46e34aa689601f92ee02f0506f1cf542067b9bb0f4e598e202e815598c6da9cf6e9d3d4c2b46112e580b45007bd8e8b5adcd0f08399d2fd86f62e725390a5b7b8b3a1d91f9b2200586d287e31bd4f7631e3e87b10cb8b6bde53aef44a3fe63bd8722000a15699f9d061f2409189b93e184ec59d8c1d0e957050c4e26f484b096f43b26668d2f8c7e71216d0941dbeecc66674835b8ebb9a9102a8783887d16c5109039ee88b19ac5d8a7b5da9b75161687c8d4cc92f7fe66c558a78f3076514950b2cf2e91a461896b1c9ab81dd3502fb302340bf5081248bfd4296d6e845fb8fc7616d65938c151bc6e42d5930caff1574e2f6ced8e3789d947038d10fbf489fa04df0483875ef9632a47ea1533d81ffec6ea79e1b9b110134066513533d2ff9b5f7cb7d78bb413d82d36428d15d79bdf6866d1331d45e49062146ccbe37622a1162681fe0df3ea1960f7042cdfbccef2953280e7fa15d7767baec8c0377b59562ebaa2ad2205f06cafd31d28b0d69980a94eaacbd2023e747956217a9ab66273d068b6775b60eef9b8d2731b461115a5c101b69ac64e2e5bc12080e80f81cd31e7a0e64bfb177c518e13dca0cbf710568aae1976d718443a85da75682ea902932f6bbe246a283daac6369167e34c7f02083d2422f4624937b958855ac9d7f1c3daf602f0ac77bbe2188c84acd790ac3ad2b2dc8ac7c4224891195588dbe1d18ea227cf6804926a857daec60a03200c2334f92397f9fa5bc94ea73320199cd7d21f620135d31c8ca66fa059668c2c169c52fcebb71f9327fca20938c59e28bc37439835cbbc373e482b0e433b99dcae69165c5d161bbf184ce1bd04730919f3b24d3bbbf0f79d03da76cc1dd5b57971c4e1dfaf98360408e871f96f7ac2703526bdf569f0dcf05a49b979c20a6340642f82d8a243a723d051e0ee1b7d66b1ac4fc3630b68cadbc4f0d3a43c65ef72a00bc998adaef2b90cb740c2c7cb04898e325694b37306642e635e8ee300fc103deeecf82d8f0dc13d39f8fd2b26187a40aa287eca53bf62d37a94b2aa5149964e691c10aeeeba5597d669ac0501b3aca14c74c14b9e159d9cc9fe7bb4daaef2799a637ebab7666b67b32d0cef4c6b4c70bef2538ad7f97365785406b50680495fda061b6719581bdc60cfdd1eddc645189ca329461478614f964f87ac45759f700a66b075c3f34600854ba81f3f3023c6b3481aefd47515223294dbd2484b2918ca9cb72d75a217b05440c7f151a8a514d141a9b73b5c49ec262eb47675426e5f9d8d8f288736b190cc5e1645b57095e17a5604d6a047914d3158e50aeb3a35b44182444b058e9252309f9c6473e138d8ceb66c35dfa4f315ac8a5dfb78919e0a27710150857544d897b98ff98db76e841e57937f78fffccae61c7c0861473e2001bbdf098091ddce94ab25aaa9e316c82609f25caa0636a715ea364cd108c3f33bea8e3812a669c8129473e3e383a18598f6119324ef94163de9ce64c288da4e88fc16868f3a42ab1ed0d9517eee820d2ad0191c0381040de4ed5489f67e728ffb5f8fb41dd89aa9e0bf95007837572e223226288a665dcb8e3411b2126f3c470bac6ba2d9ded0de60d9d7fbfbd512fb283cadfcf0822ebe10049a3e8d7dcf3177de3d50c6ce74468e3f678a14ae0ea59335b35ae4be7509bbca9141ef822eff07d6a32af26f5fde2efe6d6814053de8017d4e354292927cc90cad7229fd630dba9e66047bd3bdeb9795f9d8cdf8d6b4b81ceaf23d75cf8e92117b9a5cce1b9e16f6f9e716acd04ebbc437e97f22f38de374b747c46c56de9248d79b8a2c831291ceb7a15f6302edf7e8a201415a870659c0ae014e76c4cd26a18774dff3b18062912390a0e61cde1f2b14e47d4cd98476f7b66a35e21dcd4fc17b3aab153ceb293b8f07c65928ea7780f2563d931fbf04bc9b1dc9bb7554a86c747fbf6aa0e18190eced8ef5de10f88b135e1d6eefeb496f3733ac4d345932678eee7c3524fd014393b7551c5e8f8dfd137804d2965be4a12441d9281e1a9615dbbd0fb41e190c53ab874e2acf0a4563e9d0720348e23722b677a007918272fad0a5a34d1df874b8aab3e75a42e6bd90fe0f2adf12344f64559150c5bfe40a5c1c7f1b2c58643247456228ff069beca857311ae2bf95e42bddaa2ea7ea1197a0df1323a4e7350037bfbcd666be976e3ebd5b7cb2f551c8fdf487564288af7855d42aa2df64be775b112376835f6c76b69b153c4e87dfe7f610ac909db0f2fa8b33863bbb7ceb305601470c13a0a268657c251db1dd52f51b88290dfd003ed4bdcdc36f01964ba982e4adc4237397f91c4057f350f049e7933411dd230c0c0ab6ffe5e6e7bd68e75fe5b67deee8432a1bc90dccfe425fcd1a5f9748591a437cd27719e6876", 0x1000}], 0x1, 0x0, 0x0, 0x10}, {&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000180)="c35edabe64d3e5715fc3fbe5a549ea2d5805670d6025c4af6cc8ac648362522b5ab36061862eb5", 0x27}], 0x1, &(0x7f0000001540)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3]}}, @rights={{0x24, 0x1, 0x1, [r3, r3, r3, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf0, 0x40008}, {&(0x7f0000001600)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001680)="76f0eb8ba89e82ec72eeb275e327cdd7b38a8ae6eb5a1f8b4580afab14b01554a61b132381775421d11b94", 0x2b}, {&(0x7f00000012c0)="1b60ef7c4eaf91ee859dc67370bb8f499c12698b0280af4905c2a1cbdc5bd8564f3b3a7a2cf9d351ec3c02185e5a6a855203f24ab8e4beef17bd46dd56dff05089152ff302de40135f6910c0b587aaba64cde135b9b0fde14608258ac4bc6076c7813d05b6e70593d90270e885c6ed992c13adeeccdc3bb74df2e1c09640f1f3e104eae25b5d2dcda15897149cd678dc74abc17470d744e1de87c180605e4cbc1d91ee7e0c8d04bce12992c619a49510b1a492b86545748943a74748d9c32f79408957dfd70036431de43d1a1fd6ed5239aa8753765f83dbe204354a18dde175ad91016fd36eb926677ce5de", 0xec}, {&(0x7f00000017c0)="c4fe9f834f655af8dfe5898f29f701d2ef0310dc2389800adc25bd1cb2dbb0afd2be016a290f028149403d29f80989148c16b4d9da31469936cbcff444f15de7f52a887b47bce14640e3fecbf51f3be9cfda384add44d84f0ddf8d79facd4674f08614b075fc44ea0fd361c895ab57be8dca3c36b9c0e6ac63890fef0b77e806fa61284244d8fe5ff48166e7cd9658476801026f581902a04b7d2056cd2ed2d76244", 0xa2}, {&(0x7f0000001880)="01", 0x1}, {&(0x7f0000001980)="365eb6389e10c66bacb717d0e5d2ea869d8d22f6c2ff0bbef495420f6a33bedf1f185a011edcb5d471b771e3c54b4a464215cfc2f58184f027dabb9b10079112415e36d22719ba93633369e9eb568c5d6bca7c9f60c7b0be2b668446af8c2dcd2f846742d8b927e0c7ad8e7c48032b114a", 0x71}], 0x5, &(0x7f0000001b80)=ANY=[@ANYBLOB="28000000000000000100000001000000", @ANYRES32, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00"/16, @ANYRES32=0x0, @ANYRES32=r5, @ANYRES32=r9, @ANYBLOB='\x00\x00\x00\x00'], 0x48, 0x4c000}], 0x3, 0x4004090) keyctl$chown(0x4, 0x0, r2, r9) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:39:59 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) write(0xffffffffffffffff, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:00 executing program 4: ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f00000004c0)) r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) r2 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="30001f00", @ANYRES16=r5, @ANYBLOB="01000000000000000000010000001c000180060001000a00000008000600736970000800050000000000"], 0x30}, 0x1, 0xa00000000000000}, 0x0) sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r5, 0x420, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x36f293e6}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x2}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xfff}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x8004}, 0x4000010) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'macvtap0\x00', {0x2, 0x4e24, @rand_addr=0x64010102}}) [ 2493.154613] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 [ 2493.166901] audit: type=1800 audit(1590777600.004:1051): pid=28747 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16065 res=0 18:40:00 executing program 5: r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2493.197931] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2493.223152] audit: type=1804 audit(1590777600.024:1052): pid=28747 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/701/file0" dev="sda1" ino=16065 res=1 [ 2493.288422] IPVS: Scheduler module ip_vs_ not found 18:40:00 executing program 5: r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:00 executing program 4: openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000080)=0x400) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$TIOCGETD(r3, 0x5424, &(0x7f0000000000)) [ 2493.397082] audit: type=1804 audit(1590777600.234:1053): pid=28747 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/701/file0" dev="loop0" ino=1 res=1 18:40:00 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x24, 0x0, 0x711, 0x0, 0x0, {0x9}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000080)=@generic={0x11, "000001000000004f080044d44eeba71a4976e252922cb18f6e2e2dba000000012e0b3832005404b0e8301a4ce875f2e3ff5fb39c030000000000000000000000080101013c58110308d9123127ecce66080000000e5bf5ff1b0816f3f6db1c00010000000000326d3a09ffc2c654000000000400"}, 0x80) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8914, &(0x7f0000000000)={'ipvlan0\x00', r3}) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x24, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x6}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0x400c000}, 0x4004880) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000ec0)=ANY=[], 0x471) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r6, 0x0, r5, 0x0, 0x20000038, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000200)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r4, 0x80082102, &(0x7f0000000000)=r7) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000480), 0xa198) 18:40:00 executing program 5: r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2493.463271] minix_free_inode: bit 1 already cleared [ 2493.470609] IPVS: Scheduler module ip_vs_ not found [ 2493.600480] audit: type=1800 audit(1590777600.434:1054): pid=28789 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16099 res=0 [ 2493.618848] IPVS: Scheduler module ip_vs_ not found [ 2493.660847] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2493.677561] audit: type=1804 audit(1590777600.474:1055): pid=28789 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/702/file0" dev="sda1" ino=16099 res=1 [ 2493.812462] minix_free_inode: bit 1 already cleared [ 2493.822921] Bluetooth: Error in BCSP hdr checksum [ 2493.834881] Bluetooth: Short BCSP packet [ 2493.842906] Bluetooth: Short BCSP packet [ 2494.082206] Bluetooth: Error in BCSP hdr checksum [ 2494.093055] Bluetooth: Error in BCSP hdr checksum [ 2494.104906] Bluetooth: Error in BCSP hdr checksum [ 2494.342266] Bluetooth: Error in BCSP hdr checksum [ 2494.353656] Bluetooth: Error in BCSP hdr checksum [ 2494.363035] Bluetooth: Error in BCSP hdr checksum [ 2494.502010] Bluetooth: hci3 command 0x1003 tx timeout [ 2494.507733] Bluetooth: hci3 sending frame failed (-49) [ 2494.602179] Bluetooth: Error in BCSP hdr checksum [ 2494.622905] Bluetooth: Error in BCSP hdr checksum [ 2494.622907] Bluetooth: Error in BCSP hdr checksum [ 2494.862204] Bluetooth: Error in BCSP hdr checksum [ 2494.882185] Bluetooth: Error in BCSP hdr checksum [ 2494.882649] Bluetooth: Error in BCSP hdr checksum [ 2495.122170] Bluetooth: Error in BCSP hdr checksum [ 2495.141937] Bluetooth: hci4 command 0x1003 tx timeout [ 2495.147256] Bluetooth: hci4 sending frame failed (-49) [ 2495.154112] Bluetooth: Error in BCSP hdr checksum [ 2495.154169] Bluetooth: Error in BCSP hdr checksum [ 2495.221988] Bluetooth: hci5 command 0x1003 tx timeout [ 2495.227413] Bluetooth: hci5 sending frame failed (-49) [ 2495.382177] Bluetooth: Error in BCSP hdr checksum [ 2495.402280] Bluetooth: Error in BCSP hdr checksum [ 2495.402656] Bluetooth: Error in BCSP hdr checksum [ 2495.622205] Bluetooth: hci9 command 0x1003 tx timeout [ 2495.627614] Bluetooth: hci8 command 0x1003 tx timeout [ 2495.633101] Bluetooth: hci7 command 0x1003 tx timeout [ 2495.638438] Bluetooth: hci6 command 0x1003 tx timeout [ 2495.643948] Bluetooth: hci6 sending frame failed (-49) [ 2495.649689] Bluetooth: Error in BCSP hdr checksum [ 2495.649691] Bluetooth: Error in BCSP hdr checksum [ 2495.649899] Bluetooth: Error in BCSP hdr checksum [ 2495.902230] Bluetooth: Error in BCSP hdr checksum [ 2495.902269] Bluetooth: Error in BCSP hdr checksum [ 2495.907330] Bluetooth: Error in BCSP hdr checksum [ 2496.021951] Bluetooth: hci10 command 0x1003 tx timeout [ 2496.027469] Bluetooth: hci10 sending frame failed (-49) [ 2496.162089] Bluetooth: Error in BCSP hdr checksum [ 2496.162315] Bluetooth: Error in BCSP hdr checksum [ 2496.167137] Bluetooth: Error in BCSP hdr checksum [ 2496.422373] Bluetooth: Error in BCSP hdr checksum [ 2496.422648] Bluetooth: Error in BCSP hdr checksum [ 2496.431479] Bluetooth: Error in BCSP hdr checksum [ 2496.581877] Bluetooth: hci3 command 0x1001 tx timeout [ 2496.587215] Bluetooth: hci3 sending frame failed (-49) [ 2496.692167] Bluetooth: Error in BCSP hdr checksum [ 2496.697300] Bluetooth: Error in BCSP hdr checksum [ 2496.697416] Bluetooth: Error in BCSP hdr checksum [ 2496.951991] Bluetooth: Error in BCSP hdr checksum [ 2496.952180] Bluetooth: Error in BCSP hdr checksum [ 2496.956936] Bluetooth: Error in BCSP hdr checksum [ 2497.212184] Bluetooth: Error in BCSP hdr checksum [ 2497.212220] Bluetooth: Error in BCSP hdr checksum [ 2497.217292] Bluetooth: Error in BCSP hdr checksum [ 2497.227149] Bluetooth: hci4 command 0x1001 tx timeout [ 2497.233149] Bluetooth: hci4 sending frame failed (-49) [ 2497.301903] Bluetooth: hci5 command 0x1001 tx timeout [ 2497.307351] Bluetooth: hci5 sending frame failed (-49) [ 2497.472090] Bluetooth: Error in BCSP hdr checksum [ 2497.472400] Bluetooth: Error in BCSP hdr checksum [ 2497.477266] Bluetooth: Error in BCSP hdr checksum [ 2497.701937] Bluetooth: hci6 command 0x1001 tx timeout [ 2497.707229] Bluetooth: hci7 command 0x1001 tx timeout [ 2497.707267] Bluetooth: hci6 sending frame failed (-49) [ 2497.721839] Bluetooth: hci8 command 0x1001 tx timeout [ 2497.723639] Bluetooth: Error in BCSP hdr checksum [ 2497.735510] Bluetooth: hci9 command 0x1001 tx timeout [ 2497.741095] Bluetooth: Error in BCSP hdr checksum [ 2497.751941] Bluetooth: Error in BCSP hdr checksum [ 2497.756912] Bluetooth: Error in BCSP hdr checksum [ 2497.987190] Bluetooth: Error in BCSP hdr checksum [ 2497.992422] Bluetooth: Error in BCSP hdr checksum [ 2497.992433] Bluetooth: Error in BCSP hdr checksum [ 2497.997455] Bluetooth: Error in BCSP hdr checksum [ 2498.011948] Bluetooth: Error in BCSP hdr checksum [ 2498.016910] Bluetooth: Error in BCSP hdr checksum [ 2498.101701] Bluetooth: hci10 command 0x1001 tx timeout [ 2498.107222] Bluetooth: hci10 sending frame failed (-49) [ 2498.242000] Bluetooth: Error in BCSP hdr checksum [ 2498.246945] Bluetooth: Error in BCSP hdr checksum [ 2498.252884] Bluetooth: Error in BCSP hdr checksum [ 2498.257820] Bluetooth: Error in BCSP hdr checksum [ 2498.272740] Bluetooth: Error in BCSP hdr checksum [ 2498.277740] Bluetooth: Error in BCSP hdr checksum [ 2498.502208] Bluetooth: Error in BCSP hdr checksum [ 2498.507139] Bluetooth: Error in BCSP hdr checksum [ 2498.511955] Bluetooth: Error in BCSP hdr checksum [ 2498.516959] Bluetooth: Error in BCSP hdr checksum [ 2498.531977] Bluetooth: Error in BCSP hdr checksum [ 2498.536988] Bluetooth: Error in BCSP hdr checksum [ 2498.661701] Bluetooth: hci3 command 0x1009 tx timeout [ 2498.761945] Bluetooth: Error in BCSP hdr checksum [ 2498.766907] Bluetooth: Error in BCSP hdr checksum [ 2498.773292] Bluetooth: Error in BCSP hdr checksum [ 2498.778201] Bluetooth: Error in BCSP hdr checksum [ 2498.801965] Bluetooth: Error in BCSP hdr checksum [ 2498.806897] Bluetooth: Error in BCSP hdr checksum [ 2499.022104] Bluetooth: Error in BCSP hdr checksum [ 2499.027036] Bluetooth: Error in BCSP hdr checksum [ 2499.031975] Bluetooth: Error in BCSP hdr checksum [ 2499.036897] Bluetooth: Error in BCSP hdr checksum [ 2499.072716] Bluetooth: Error in BCSP hdr checksum [ 2499.077646] Bluetooth: Error in BCSP hdr checksum [ 2499.281861] Bluetooth: Error in BCSP hdr checksum [ 2499.286856] Bluetooth: Error in BCSP hdr checksum [ 2499.293187] Bluetooth: Error in BCSP hdr checksum [ 2499.298090] Bluetooth: Error in BCSP hdr checksum [ 2499.301657] Bluetooth: hci4 command 0x1009 tx timeout [ 2499.332009] Bluetooth: Error in BCSP hdr checksum [ 2499.336995] Bluetooth: Error in BCSP hdr checksum [ 2499.381650] Bluetooth: hci5 command 0x1009 tx timeout [ 2499.541806] Bluetooth: Error in BCSP hdr checksum [ 2499.546916] Bluetooth: Error in BCSP hdr checksum [ 2499.551942] Bluetooth: Error in BCSP hdr checksum [ 2499.557124] Bluetooth: Error in BCSP hdr checksum [ 2499.562166] Bluetooth: Error in BCSP hdr checksum [ 2499.601900] Bluetooth: Error in BCSP hdr checksum [ 2499.606817] Bluetooth: Error in BCSP hdr checksum [ 2499.781715] Bluetooth: hci9 command 0x1009 tx timeout [ 2499.786981] Bluetooth: hci8 command 0x1009 tx timeout [ 2499.793415] Bluetooth: hci7 command 0x1009 tx timeout [ 2499.798687] Bluetooth: hci6 command 0x1009 tx timeout [ 2499.805724] Bluetooth: Error in BCSP hdr checksum [ 2499.810657] Bluetooth: Error in BCSP hdr checksum [ 2499.817473] Bluetooth: Error in BCSP hdr checksum [ 2499.823036] Bluetooth: Error in BCSP hdr checksum [ 2499.861914] Bluetooth: Error in BCSP hdr checksum [ 2499.866860] Bluetooth: Error in BCSP hdr checksum [ 2500.061853] Bluetooth: Error in BCSP hdr checksum [ 2500.066755] Bluetooth: Error in BCSP hdr checksum [ 2500.071953] Bluetooth: Error in BCSP hdr checksum [ 2500.076847] Bluetooth: Error in BCSP hdr checksum [ 2500.122824] Bluetooth: Error in BCSP hdr checksum [ 2500.127831] Bluetooth: Error in BCSP hdr checksum [ 2500.181627] Bluetooth: hci10 command 0x1009 tx timeout [ 2500.321827] Bluetooth: Error in BCSP hdr checksum [ 2500.326743] Bluetooth: Error in BCSP hdr checksum [ 2500.332002] Bluetooth: Error in BCSP hdr checksum [ 2500.336905] Bluetooth: Error in BCSP hdr checksum [ 2500.381819] Bluetooth: Error in BCSP hdr checksum [ 2500.386903] Bluetooth: Error in BCSP hdr checksum [ 2500.581792] Bluetooth: Error in BCSP hdr checksum [ 2500.586749] Bluetooth: Error in BCSP hdr checksum [ 2500.593650] Bluetooth: Error in BCSP hdr checksum [ 2500.598559] Bluetooth: Error in BCSP hdr checksum [ 2500.652551] Bluetooth: Error in BCSP hdr checksum [ 2500.657478] Bluetooth: Error in BCSP hdr checksum [ 2500.841953] Bluetooth: Error in BCSP hdr checksum [ 2500.846882] Bluetooth: Error in BCSP hdr checksum [ 2500.852932] Bluetooth: Error in BCSP hdr checksum [ 2500.857839] Bluetooth: Error in BCSP hdr checksum [ 2500.911867] Bluetooth: Error in BCSP hdr checksum [ 2500.916867] Bluetooth: Error in BCSP hdr checksum [ 2501.101742] Bluetooth: Error in BCSP hdr checksum [ 2501.106791] Bluetooth: Error in BCSP hdr checksum [ 2501.113180] Bluetooth: Error in BCSP hdr checksum [ 2501.118093] Bluetooth: Error in BCSP hdr checksum [ 2501.171971] Bluetooth: Error in BCSP hdr checksum [ 2501.176969] Bluetooth: Error in BCSP hdr checksum [ 2501.361697] Bluetooth: Error in BCSP hdr checksum [ 2501.366698] Bluetooth: Error in BCSP hdr checksum [ 2501.372988] Bluetooth: Error in BCSP hdr checksum [ 2501.377912] Bluetooth: Error in BCSP hdr checksum [ 2501.431731] Bluetooth: Error in BCSP hdr checksum [ 2501.436789] Bluetooth: Error in BCSP hdr checksum [ 2501.621765] Bluetooth: Error in BCSP hdr checksum [ 2501.626688] Bluetooth: Error in BCSP hdr checksum [ 2501.632014] Bluetooth: Error in BCSP hdr checksum [ 2501.636959] Bluetooth: Error in BCSP hdr checksum [ 2501.691820] Bluetooth: Error in BCSP hdr checksum [ 2501.696752] Bluetooth: Error in BCSP hdr checksum [ 2501.881908] Bluetooth: Error in BCSP hdr checksum [ 2501.887149] Bluetooth: Error in BCSP hdr checksum [ 2501.893380] Bluetooth: Error in BCSP hdr checksum [ 2501.898409] Bluetooth: Error in BCSP hdr checksum [ 2501.951788] Bluetooth: Error in BCSP hdr checksum [ 2501.957008] Bluetooth: Error in BCSP hdr checksum [ 2502.142364] Bluetooth: Error in BCSP hdr checksum [ 2502.147424] Bluetooth: Error in BCSP hdr checksum [ 2502.153714] Bluetooth: Error in BCSP hdr checksum [ 2502.158621] Bluetooth: Error in BCSP hdr checksum [ 2502.211673] Bluetooth: Error in BCSP hdr checksum [ 2502.216696] Bluetooth: Error in BCSP hdr checksum [ 2502.401628] Bluetooth: Error in BCSP hdr checksum [ 2502.406712] Bluetooth: Error in BCSP hdr checksum [ 2502.413127] Bluetooth: Error in BCSP hdr checksum [ 2502.418020] Bluetooth: Error in BCSP hdr checksum [ 2502.481692] Bluetooth: Error in BCSP hdr checksum [ 2502.486877] Bluetooth: Error in BCSP hdr checksum [ 2502.492951] Bluetooth: Error in BCSP hdr checksum 18:40:09 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:09 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x8, 0x2) ioctl$KDDISABIO(r1, 0x4b37) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) ioctl$MON_IOCQ_URB_LEN(r3, 0x9201) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r5 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r5, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r5, &(0x7f0000000d00), 0x400004e, 0x0) sendfile(r5, r2, &(0x7f0000000100)=0x27, 0x8) r7 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r7, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r7, r7, &(0x7f0000000480), 0xa198) [ 2502.673294] Bluetooth: Error in BCSP hdr checksum [ 2502.678242] Bluetooth: Error in BCSP hdr checksum [ 2502.694659] Bluetooth: Error in BCSP hdr checksum [ 2502.699615] Bluetooth: Error in BCSP hdr checksum [ 2502.741564] Bluetooth: Error in BCSP hdr checksum [ 2502.746538] Bluetooth: Error in BCSP hdr checksum [ 2502.770695] IPVS: Scheduler module ip_vs_ not found [ 2502.931748] Bluetooth: Error in BCSP hdr checksum [ 2502.931853] Bluetooth: Error in BCSP hdr checksum [ 2502.936690] Bluetooth: Error in BCSP hdr checksum [ 2502.947080] Bluetooth: Error in BCSP hdr checksum [ 2502.952073] Bluetooth: Error in BCSP hdr checksum [ 2503.001717] Bluetooth: Error in BCSP hdr checksum [ 2503.006630] Bluetooth: Error in BCSP hdr checksum [ 2503.191783] Bluetooth: Error in BCSP hdr checksum [ 2503.196242] Bluetooth: Error in BCSP hdr checksum [ 2503.196710] Bluetooth: Error in BCSP hdr checksum [ 2503.203079] Bluetooth: Error in BCSP hdr checksum [ 2503.261612] Bluetooth: Error in BCSP hdr checksum [ 2503.266520] Bluetooth: Error in BCSP hdr checksum 18:40:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyprintk\x00', 0x470000, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f0000000180)={&(0x7f0000000100)=[0x7f, 0x35788, 0x29d, 0x5, 0x6, 0x8, 0xbbac, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], 0x40000000000000ba, 0x5, 0xeeeeeeee}) ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000080)) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x17) ioctl$KDADDIO(r3, 0x400455c8, 0x1) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x20000038, 0x0) read$usbmon(r4, &(0x7f00000001c0)=""/231, 0xe7) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000000)=0xfffffffc) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) prctl$PR_SET_NAME(0xf, &(0x7f0000000300)=':%\x00') [ 2503.365231] Bluetooth: Unknown HCI packet type 5e [ 2503.370206] Bluetooth: Unknown HCI packet type 43 [ 2503.377245] Bluetooth: Unknown HCI packet type 5e [ 2503.384036] Bluetooth: Unknown HCI packet type 50 [ 2503.388987] Bluetooth: Unknown HCI packet type 5e [ 2503.395487] Bluetooth: Unknown HCI packet type 40 [ 2503.451864] Bluetooth: Error in BCSP hdr checksum [ 2503.452123] Bluetooth: Error in BCSP hdr checksum [ 2503.456785] Bluetooth: Error in BCSP hdr checksum [ 2503.464019] Bluetooth: Error in BCSP hdr checksum [ 2503.531887] Bluetooth: Error in BCSP hdr checksum [ 2503.536857] Bluetooth: Error in BCSP hdr checksum [ 2503.711822] Bluetooth: Error in BCSP hdr checksum [ 2503.716119] Bluetooth: Error in BCSP hdr checksum [ 2503.716855] Bluetooth: Error in BCSP hdr checksum [ 2503.721690] Bluetooth: Error in BCSP hdr checksum [ 2503.801413] Bluetooth: Error in BCSP hdr checksum [ 2503.806386] Bluetooth: Error in BCSP hdr checksum [ 2503.971940] Bluetooth: Error in BCSP hdr checksum [ 2503.972105] Bluetooth: Error in BCSP hdr checksum [ 2503.976844] Bluetooth: Error in BCSP hdr checksum [ 2503.981862] Bluetooth: Error in BCSP hdr checksum 18:40:11 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000000)={0x1f, 0x1, 0x39fa}) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 18:40:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141240, 0x1) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) write$P9_RXATTRWALK(r2, &(0x7f0000000000)={0xf, 0x1f, 0x1, 0x8}, 0xf) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x300) r4 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r4, &(0x7f0000000200)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) sendfile(r1, r4, &(0x7f0000000480), 0xa198) 18:40:11 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:11 executing program 1: sendmsg$NL80211_CMD_STOP_SCHED_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, 0x0, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x2}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x1}}]}, 0x28}, 0x1, 0x0, 0x0, 0x40004}, 0x2) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000300)=0x2) setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f0000000080)={0x1, {{0xa, 0x4e20, 0x3, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x4}}, {{0xa, 0x4e22, 0x2, @empty, 0x10001}}}, 0x108) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r6, 0x0, r5, 0x0, 0x20000038, 0x0) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000340)=r5, 0x4) ioctl$VFIO_IOMMU_MAP_DMA(0xffffffffffffffff, 0x3b71, &(0x7f0000000000)={0x20, 0x1, 0xfe99, 0x40, 0x81}) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:40:11 executing program 4: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x8000, 0x0) ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000480)={0x1, 0x0, 0x6, 0x7, 0x1d2, &(0x7f0000000080)}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000004c0)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000000)) [ 2504.778993] audit: type=1800 audit(1590777611.615:1056): pid=28860 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15909 res=0 [ 2504.791902] IPVS: Scheduler module ip_vs_ not found [ 2504.820041] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:40:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x400000, 0x0) write$P9_RSETATTR(r1, &(0x7f0000000040)={0x7, 0x1b, 0x1}, 0x7) ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000004c0)) 18:40:11 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2504.847082] audit: type=1804 audit(1590777611.655:1057): pid=28860 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/704/file0" dev="sda1" ino=15909 res=1 [ 2504.873737] Bluetooth: hci5: Frame reassembly failed (-84) 18:40:11 executing program 4: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) r2 = accept4$rose(r0, &(0x7f00000001c0)=@full={0xb, @remote, @bcast, 0x0, [@rose, @default, @remote, @null, @bcast, @netrom]}, &(0x7f0000000200)=0x40, 0x80800) ioctl$sock_inet_SIOCGIFNETMASK(r2, 0x891b, &(0x7f0000000240)={'ip6gretap0\x00', {0x2, 0x4e24, @multicast2}}) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGETD(r3, 0x5424, &(0x7f00000004c0)) 18:40:11 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(0x0, 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2505.025074] IPVS: Scheduler module ip_vs_ not found 18:40:11 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(0x0, 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2505.059768] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 18:40:11 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(0x0, 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2505.105365] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 [ 2505.165904] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 [ 2505.291855] minix_free_inode: bit 1 already cleared [ 2505.381131] Bluetooth: hci3 command 0x1003 tx timeout [ 2505.387467] Bluetooth: hci3 sending frame failed (-49) [ 2506.830980] Bluetooth: hci4 command 0x1003 tx timeout [ 2506.836323] Bluetooth: hci4 sending frame failed (-49) [ 2506.901004] Bluetooth: hci5 command 0x1003 tx timeout [ 2506.906343] Bluetooth: hci5 sending frame failed (-49) [ 2507.460986] Bluetooth: hci3 command 0x1001 tx timeout [ 2507.466313] Bluetooth: hci3 sending frame failed (-49) [ 2507.630959] Bluetooth: hci6 command 0x1003 tx timeout [ 2507.637662] Bluetooth: hci6 sending frame failed (-49) [ 2508.900887] Bluetooth: hci4 command 0x1001 tx timeout [ 2508.906329] Bluetooth: hci4 sending frame failed (-49) [ 2508.980838] Bluetooth: hci5 command 0x1001 tx timeout [ 2508.986159] Bluetooth: hci5 sending frame failed (-49) [ 2509.540933] Bluetooth: hci3 command 0x1009 tx timeout [ 2509.700826] Bluetooth: hci6 command 0x1001 tx timeout [ 2509.706192] Bluetooth: hci6 sending frame failed (-49) [ 2510.980732] Bluetooth: hci4 command 0x1009 tx timeout [ 2511.060686] Bluetooth: hci5 command 0x1009 tx timeout [ 2511.790647] Bluetooth: hci6 command 0x1009 tx timeout 18:40:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) ioprio_set$uid(0x3, r2, 0x2) ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000004c0)) 18:40:22 executing program 0: r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0xf) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) sched_getaffinity(r0, 0x8, &(0x7f0000000100)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) write$UHID_CREATE(r2, &(0x7f0000000200)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000000)=""/57, 0x39, 0x4, 0x3, 0x5, 0x0, 0x5}}, 0x120) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r4 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r4, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r4, r4, &(0x7f0000000480), 0xa198) 18:40:22 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:22 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'tunl0\x00', 0x800}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) read$snddsp(r4, &(0x7f00000000c0)=""/119, 0x77) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=""/56, &(0x7f0000000080)=0x38) 18:40:22 executing program 4: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x22a80, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000080)) 18:40:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x10000000c0000005, 0x3) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0xffaf) write$RDMA_USER_CM_CMD_QUERY(r4, &(0x7f0000000100)={0x13, 0x10, 0xfa00, {&(0x7f0000001f00), r5, 0x1}}, 0x18) accept4$phonet_pipe(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)=0x10, 0x80000) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000000)={0x4, 0x8, 0xfa00, {r5, 0x1}}, 0x10) ioctl$RTC_IRQP_READ(r1, 0x8008700b, &(0x7f00000000c0)) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, &(0x7f0000000280)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$PPPIOCSMRU1(r1, 0x40047452, &(0x7f0000000200)=0x8) 18:40:23 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:23 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x200, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f0000000280)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r5 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r5, &(0x7f0000000ec0)=ANY=[], 0x471) r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x0, 0x0) ioctl$PPPIOCSNPMODE(r6, 0x4008744b, &(0x7f0000000180)={0x8057}) sendfile(r5, r5, &(0x7f0000000480), 0xa198) 18:40:23 executing program 2: r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x0, 0x4900) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000080)=0x3bc8, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x9}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000140)={r3, 0x3}, &(0x7f0000000180)=0x8) ioctl$TCXONC(r1, 0x540a, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) r4 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r4, &(0x7f0000000200)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$RDMA_NLDEV_CMD_STAT_SET(r4, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="1800000010bad8899e1bc9feea0f0f67b1b67a3f1400dbdf2508004b0013002000"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x20040040) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0xffaf) write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f0000000100)={0x13, 0x10, 0xfa00, {&(0x7f0000001f00), r6, 0x1}}, 0x18) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, &(0x7f0000000300)={0x4, 0x8, 0xfa00, {r6, 0x7}}, 0x10) ioctl$KDADDIO(r1, 0x400455c8, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) [ 2516.178135] Bluetooth: hci3: Frame reassembly failed (-84) 18:40:23 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2516.226847] Bluetooth: Unknown HCI packet type 5e [ 2516.236420] Bluetooth: Unknown HCI packet type 43 [ 2516.243437] Bluetooth: Unknown HCI packet type 00 [ 2516.252580] Bluetooth: Unknown HCI packet type 5e [ 2516.276318] Bluetooth: Unknown HCI packet type 50 [ 2516.307540] Bluetooth: Unknown HCI packet type 5e [ 2516.341342] Bluetooth: Unknown HCI packet type 40 [ 2516.357085] audit: type=1800 audit(1590777623.195:1058): pid=28973 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15913 res=0 18:40:23 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, 0x0, 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2516.390063] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2516.437995] audit: type=1804 audit(1590777623.215:1059): pid=28973 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/706/file0" dev="sda1" ino=15913 res=1 18:40:23 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, 0x0, 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:23 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, 0x0, 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:23 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040), 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:23 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040), 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2516.697409] audit: type=1804 audit(1590777623.536:1060): pid=28965 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/706/file0" dev="loop0" ino=1 res=1 [ 2516.980656] minix_free_inode: bit 1 already cleared [ 2518.180095] Bluetooth: hci3 command 0x1003 tx timeout [ 2518.185575] Bluetooth: hci3 sending frame failed (-49) [ 2518.260084] Bluetooth: hci5 command 0x1003 tx timeout [ 2518.265617] Bluetooth: hci5 sending frame failed (-49) [ 2518.271918] Bluetooth: hci4 command 0x1003 tx timeout [ 2518.277246] Bluetooth: hci4 sending frame failed (-49) [ 2518.340136] Bluetooth: hci6 command 0x1003 tx timeout [ 2518.345502] Bluetooth: hci6 sending frame failed (-49) [ 2519.140090] Bluetooth: hci7 command 0x1003 tx timeout [ 2519.145573] Bluetooth: hci7 sending frame failed (-49) [ 2520.259991] Bluetooth: hci3 command 0x1001 tx timeout [ 2520.265346] Bluetooth: hci3 sending frame failed (-49) [ 2520.339999] Bluetooth: hci5 command 0x1001 tx timeout [ 2520.340005] Bluetooth: hci4 command 0x1001 tx timeout [ 2520.340084] Bluetooth: hci4 sending frame failed (-49) [ 2520.345420] Bluetooth: hci5 sending frame failed (-49) [ 2520.419936] Bluetooth: hci6 command 0x1001 tx timeout [ 2520.425431] Bluetooth: hci6 sending frame failed (-49) [ 2521.220076] Bluetooth: hci7 command 0x1001 tx timeout [ 2521.225405] Bluetooth: hci7 sending frame failed (-49) [ 2522.349811] Bluetooth: hci3 command 0x1009 tx timeout [ 2522.419773] Bluetooth: hci4 command 0x1009 tx timeout [ 2522.419813] Bluetooth: hci5 command 0x1009 tx timeout [ 2522.499816] Bluetooth: hci6 command 0x1009 tx timeout [ 2523.299738] Bluetooth: hci7 command 0x1009 tx timeout 18:40:33 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r1, 0x0, r0, 0x0, 0x20000038, 0x0) ioctl$VIDIOC_TRY_ENCODER_CMD(r0, 0xc028564e, &(0x7f0000000000)={0x3, 0x0, [0xf665, 0x2, 0x40, 0xcfa, 0x1, 0x3, 0x6a0d, 0x1]}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xa) ioctl$KDADDIO(r2, 0x400455c8, 0x4) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) 18:40:33 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040), 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:33 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = epoll_create1(0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)) write$FUSE_STATFS(r2, &(0x7f0000000240)={0x60, 0xb, 0x1, {{0xffffffffffffff00, 0x8, 0xc, 0x7, 0x3, 0x8, 0x8, 0x9}}}, 0x60) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r4 = socket(0x200000000000011, 0x80000, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r4, &(0x7f0000000200)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) write$binfmt_elf64(r4, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) 18:40:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x400, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000004c0)) 18:40:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r3) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000040)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={r5}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000000)=r5, 0x4) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2526.434847] audit: type=1800 audit(1590777633.266:1061): pid=29027 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16168 res=0 [ 2526.461717] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2526.544837] audit: type=1804 audit(1590777633.266:1062): pid=29027 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/707/file0" dev="sda1" ino=16168 res=1 [ 2526.573096] Bluetooth: hci3: Frame reassembly failed (-84) [ 2526.600760] minix_free_inode: bit 1 already cleared [ 2526.617447] audit: type=1804 audit(1590777633.346:1063): pid=29027 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/707/file0" dev="loop0" ino=1 res=1 18:40:34 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0) fcntl$setflags(r1, 0x2, 0x0) 18:40:34 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000004c0)) r1 = socket(0x2, 0xedd92f2d9a231649, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) 18:40:34 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x400, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x7f}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0xfffffffffffffdb6, 0x34fb}], 0x803000, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0x1000a198) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$EVIOCSKEYCODE_V2(r2, 0x40284504, &(0x7f0000000000)={0x0, 0x1b, 0x5, 0x2, "145bbe810c4fc3ebfa7b3baafa605d746b74b7b0b3f4077ed083a452c8539802"}) 18:40:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000000)="8fd6360d39c0748d4c089c8dcf5bdc48e634f170be2c9443256c4c3380c7a773a0ced45bd6d2e146d5726c6618689b52ec9d1dcd1d5aafc34b10114c40ecadf0") ioctl$TCGETS2(0xffffffffffffffff, 0x802c542a, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2527.736362] audit: type=1800 audit(1590777634.566:1064): pid=29071 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16183 res=0 18:40:34 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000004c0)) r1 = socket(0x22, 0x1, 0x3) ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f00000000c0)={0x2, 'bond0\x00', {0xfffffff9}, 0x5}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f0000000000), &(0x7f0000000040)=0x4) [ 2527.828188] audit: type=1804 audit(1590777634.566:1065): pid=29071 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/708/file0" dev="sda1" ino=16183 res=1 [ 2527.853861] Bluetooth: Unknown HCI packet type 00 [ 2527.854131] Bluetooth: Unknown HCI packet type 5e [ 2527.873476] Bluetooth: Unknown HCI packet type 43 18:40:34 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2527.897838] Bluetooth: Unknown HCI packet type 5e [ 2527.941136] Bluetooth: Unknown HCI packet type 50 18:40:34 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x10, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000004c0)) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) setsockopt$CAN_RAW_FD_FRAMES(r3, 0x65, 0x5, &(0x7f00000000c0)=0x1, 0x4) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$sock_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={0x0, @l2={0x1f, 0x8, @fixed={[], 0x11}, 0x9, 0x2}, @nfc={0x27, 0x1, 0x2, 0x2}, @ax25={0x3, @default, 0x7}, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4c, 0x9}) [ 2527.962932] audit: type=1804 audit(1590777634.696:1066): pid=29085 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/708/file0" dev="sda1" ino=16183 res=1 [ 2527.983160] Bluetooth: Unknown HCI packet type 5e [ 2528.039606] Bluetooth: Unknown HCI packet type 40 [ 2528.047594] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 [ 2528.054643] Bluetooth: Short BCSP packet [ 2528.309878] Bluetooth: Error in BCSP hdr checksum [ 2528.569961] Bluetooth: Error in BCSP hdr checksum [ 2528.589359] Bluetooth: hci3 command 0x1003 tx timeout [ 2528.594689] Bluetooth: hci3 sending frame failed (-49) [ 2528.830034] Bluetooth: Error in BCSP hdr checksum [ 2529.089359] Bluetooth: Error in BCSP hdr checksum [ 2529.349299] Bluetooth: Error in BCSP hdr checksum [ 2529.619962] Bluetooth: Error in BCSP hdr checksum [ 2529.859154] Bluetooth: hci5 command 0x1003 tx timeout [ 2529.859192] Bluetooth: hci6 command 0x1003 tx timeout [ 2529.864436] Bluetooth: hci4 command 0x1003 tx timeout [ 2529.874491] Bluetooth: hci6 sending frame failed (-49) [ 2529.878501] Bluetooth: hci4 sending frame failed (-49) [ 2529.881177] Bluetooth: Error in BCSP hdr checksum [ 2530.139813] Bluetooth: Error in BCSP hdr checksum [ 2530.399290] Bluetooth: Error in BCSP hdr checksum [ 2530.579132] Bluetooth: hci7 command 0x1003 tx timeout [ 2530.584485] Bluetooth: hci7 sending frame failed (-49) [ 2530.659069] Bluetooth: hci3 command 0x1001 tx timeout [ 2530.664571] Bluetooth: hci3 sending frame failed (-49) [ 2530.664792] Bluetooth: Error in BCSP hdr checksum [ 2530.919536] Bluetooth: Error in BCSP hdr checksum [ 2531.179262] Bluetooth: Error in BCSP hdr checksum [ 2531.439491] Bluetooth: Error in BCSP hdr checksum [ 2531.699281] Bluetooth: Error in BCSP hdr checksum [ 2531.938986] Bluetooth: hci6 command 0x1001 tx timeout [ 2531.938990] Bluetooth: hci4 command 0x1001 tx timeout [ 2531.939082] Bluetooth: hci4 sending frame failed (-49) [ 2531.944284] Bluetooth: hci6 sending frame failed (-49) [ 2531.960227] Bluetooth: hci5 command 0x1001 tx timeout [ 2531.965716] Bluetooth: Error in BCSP hdr checksum [ 2531.970958] Bluetooth: Error in BCSP hdr checksum [ 2532.219216] Bluetooth: Error in BCSP hdr checksum [ 2532.224288] Bluetooth: Error in BCSP hdr checksum [ 2532.479451] Bluetooth: Error in BCSP hdr checksum [ 2532.484448] Bluetooth: Error in BCSP hdr checksum [ 2532.659049] Bluetooth: hci7 command 0x1001 tx timeout [ 2532.664396] Bluetooth: hci7 sending frame failed (-49) [ 2532.739311] Bluetooth: Error in BCSP hdr checksum [ 2532.744307] Bluetooth: Error in BCSP hdr checksum [ 2532.748946] Bluetooth: hci3 command 0x1009 tx timeout [ 2532.999132] Bluetooth: Error in BCSP hdr checksum [ 2533.004124] Bluetooth: Error in BCSP hdr checksum [ 2533.010029] Bluetooth: Error in BCSP hdr checksum [ 2533.269091] Bluetooth: Error in BCSP hdr checksum [ 2533.274180] Bluetooth: Error in BCSP hdr checksum [ 2533.529144] Bluetooth: Error in BCSP hdr checksum [ 2533.534267] Bluetooth: Error in BCSP hdr checksum [ 2533.789093] Bluetooth: Error in BCSP hdr checksum [ 2533.794038] Bluetooth: Error in BCSP hdr checksum [ 2534.018845] Bluetooth: hci6 command 0x1009 tx timeout [ 2534.018849] Bluetooth: hci5 command 0x1009 tx timeout [ 2534.018920] Bluetooth: hci4 command 0x1009 tx timeout [ 2534.049233] Bluetooth: Error in BCSP hdr checksum [ 2534.054150] Bluetooth: Error in BCSP hdr checksum [ 2534.319170] Bluetooth: Error in BCSP hdr checksum [ 2534.324129] Bluetooth: Error in BCSP hdr checksum [ 2534.579359] Bluetooth: Error in BCSP hdr checksum [ 2534.584419] Bluetooth: Error in BCSP hdr checksum [ 2534.738872] Bluetooth: hci7 command 0x1009 tx timeout [ 2534.839060] Bluetooth: Error in BCSP hdr checksum [ 2534.844123] Bluetooth: Error in BCSP hdr checksum [ 2535.099038] Bluetooth: Error in BCSP hdr checksum [ 2535.103980] Bluetooth: Error in BCSP hdr checksum [ 2535.359024] Bluetooth: Error in BCSP hdr checksum [ 2535.363976] Bluetooth: Error in BCSP hdr checksum [ 2535.618889] Bluetooth: Error in BCSP hdr checksum [ 2535.624005] Bluetooth: Error in BCSP hdr checksum [ 2535.630041] Bluetooth: Error in BCSP hdr checksum [ 2535.879082] Bluetooth: Error in BCSP hdr checksum [ 2535.884090] Bluetooth: Error in BCSP hdr checksum [ 2536.139163] Bluetooth: Error in BCSP hdr checksum [ 2536.144172] Bluetooth: Error in BCSP hdr checksum [ 2536.399021] Bluetooth: Error in BCSP hdr checksum [ 2536.403948] Bluetooth: Error in BCSP hdr checksum 18:40:43 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x10, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x54700, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000004c0)) [ 2536.660855] Bluetooth: Error in BCSP hdr checksum [ 2536.665959] Bluetooth: Error in BCSP hdr checksum [ 2536.675597] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 [ 2536.918965] Bluetooth: Error in BCSP hdr checksum [ 2536.923908] Bluetooth: Error in BCSP hdr checksum [ 2537.178901] Bluetooth: Error in BCSP hdr checksum [ 2537.183817] Bluetooth: Error in BCSP hdr checksum [ 2537.438750] Bluetooth: Error in BCSP hdr checksum [ 2537.443828] Bluetooth: Error in BCSP hdr checksum [ 2537.699001] Bluetooth: Error in BCSP hdr checksum [ 2537.704264] Bluetooth: Error in BCSP hdr checksum 18:40:46 executing program 1: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000000)=0x7, 0x4) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) ioctl$VIDIOC_ENUM_DV_TIMINGS(r3, 0xc0945662, &(0x7f00000000c0)={0x8, 0x0, [], {0x0, @bt={0x0, 0x4, 0x1, 0x1, 0xb86, 0xbde, 0xc3d, 0x0, 0x80000000, 0x1ff, 0xd32, 0x1, 0x0, 0x0, 0x4, 0x20, {0x3, 0xffffffff}, 0x0, 0x15}}}) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x0) ioctl$KDADDIO(r2, 0x400455c8, 0x0) 18:40:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$VT_ACTIVATE(r1, 0x5606, 0xab66) r2 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$FUSE_IOCTL(r2, &(0x7f0000000000)={0x20, 0x0, 0x4, {0x1, 0x4, 0x1, 0xfffffff7}}, 0x20) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) 18:40:46 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f0000000100)='6', 0x1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000005540)=[{{0x0, 0xe0040000, &(0x7f0000000240)=[{&(0x7f0000001340)=""/4067, 0x20002323}], 0x1, 0x0, 0xc00, 0x1f4}}], 0x138, 0x100, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170) 18:40:46 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x10, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x422100, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x200000, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f00000000c0)={0x1, 0x56}, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:40:46 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) write$binfmt_misc(r2, &(0x7f0000000000)={'syz0', "807a87c375f94f57d52e03dfb881f3f408ff0ecf62981a1707dffd91edf6a173aa215ac84ae949c35e158448cf"}, 0x31) syz_genetlink_get_family_id$gtp(&(0x7f00000000c0)='gtp\x00') r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r1, 0x0, 0x20000038, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@rose={'rose', 0x0}, 0x10) ioctl$SNDRV_PCM_IOCTL_HWSYNC(r1, 0x4122, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 18:40:46 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$KDADDIO(r1, 0x400455c8, 0x4) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$TCSBRK(r2, 0x5409, 0x400) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2539.191742] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 [ 2539.250631] audit: type=1800 audit(1590777646.087:1067): pid=29167 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15969 res=0 [ 2539.271534] Bluetooth: hci4: Frame reassembly failed (-84) [ 2539.284397] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2539.313448] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 18:40:46 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2539.346236] audit: type=1804 audit(1590777646.087:1068): pid=29167 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/709/file0" dev="sda1" ino=15969 res=1 18:40:46 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2539.422531] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 18:40:46 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2539.516003] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 18:40:46 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2539.663716] Bluetooth: Short BCSP packet [ 2539.919223] Bluetooth: Error in BCSP hdr checksum [ 2540.178955] Bluetooth: Error in BCSP hdr checksum [ 2540.438439] Bluetooth: Error in BCSP hdr checksum [ 2540.698397] Bluetooth: Error in BCSP hdr checksum [ 2540.958475] Bluetooth: Error in BCSP hdr checksum [ 2541.228528] Bluetooth: Error in BCSP hdr checksum [ 2541.298179] Bluetooth: hci4 command 0x1003 tx timeout [ 2541.298207] Bluetooth: hci3 command 0x1003 tx timeout [ 2541.303639] Bluetooth: hci4 sending frame failed (-49) [ 2541.313767] Bluetooth: hci3 sending frame failed (-49) [ 2541.378432] Bluetooth: hci5 command 0x1003 tx timeout [ 2541.383860] Bluetooth: hci5 sending frame failed (-49) [ 2541.468262] Bluetooth: hci7 command 0x1003 tx timeout [ 2541.473609] Bluetooth: hci6 command 0x1003 tx timeout [ 2541.474062] Bluetooth: Error in BCSP hdr checksum [ 2541.479272] Bluetooth: hci6 sending frame failed (-49) [ 2541.728358] Bluetooth: Error in BCSP hdr checksum [ 2541.733455] Bluetooth: Error in BCSP hdr checksum [ 2541.998282] Bluetooth: Error in BCSP hdr checksum [ 2542.003366] Bluetooth: Error in BCSP hdr checksum [ 2542.098104] Bluetooth: hci8 command 0x1003 tx timeout [ 2542.103483] Bluetooth: hci8 sending frame failed (-49) [ 2542.258449] Bluetooth: Error in BCSP hdr checksum [ 2542.518470] Bluetooth: Error in BCSP hdr checksum [ 2542.778459] Bluetooth: Error in BCSP hdr checksum [ 2543.038395] Bluetooth: Error in BCSP hdr checksum [ 2543.298421] Bluetooth: Error in BCSP hdr checksum [ 2543.378131] Bluetooth: hci3 command 0x1001 tx timeout [ 2543.378152] Bluetooth: hci4 command 0x1001 tx timeout [ 2543.383447] Bluetooth: hci3 sending frame failed (-49) [ 2543.394761] Bluetooth: hci4 sending frame failed (-49) [ 2543.458235] Bluetooth: hci5 command 0x1001 tx timeout [ 2543.463653] Bluetooth: hci5 sending frame failed (-49) [ 2543.538058] Bluetooth: hci6 command 0x1001 tx timeout [ 2543.543402] Bluetooth: hci6 sending frame failed (-49) [ 2543.548870] Bluetooth: hci7 command 0x1001 tx timeout [ 2543.554377] Bluetooth: Error in BCSP hdr checksum [ 2543.808497] Bluetooth: Error in BCSP hdr checksum [ 2543.813472] Bluetooth: Error in BCSP hdr checksum [ 2544.068363] Bluetooth: Error in BCSP hdr checksum [ 2544.073298] Bluetooth: Error in BCSP hdr checksum [ 2544.178006] Bluetooth: hci8 command 0x1001 tx timeout [ 2544.183438] Bluetooth: hci8 sending frame failed (-49) [ 2544.328394] Bluetooth: Error in BCSP hdr checksum [ 2544.333321] Bluetooth: Error in BCSP hdr checksum [ 2544.588337] Bluetooth: Error in BCSP hdr checksum [ 2544.593267] Bluetooth: Error in BCSP hdr checksum [ 2544.848397] Bluetooth: Error in BCSP hdr checksum [ 2544.853791] Bluetooth: Error in BCSP hdr checksum [ 2545.108161] Bluetooth: Error in BCSP hdr checksum [ 2545.113186] Bluetooth: Error in BCSP hdr checksum [ 2545.368179] Bluetooth: Error in BCSP hdr checksum [ 2545.373135] Bluetooth: Error in BCSP hdr checksum [ 2545.379215] Bluetooth: Error in BCSP hdr checksum [ 2545.457900] Bluetooth: hci4 command 0x1009 tx timeout [ 2545.463249] Bluetooth: hci3 command 0x1009 tx timeout [ 2545.537998] Bluetooth: hci5 command 0x1009 tx timeout [ 2545.617886] Bluetooth: hci6 command 0x1009 tx timeout [ 2545.627947] Bluetooth: hci7 command 0x1009 tx timeout [ 2545.633582] Bluetooth: Error in BCSP hdr checksum [ 2545.638538] Bluetooth: Error in BCSP hdr checksum [ 2545.888195] Bluetooth: Error in BCSP hdr checksum [ 2545.893112] Bluetooth: Error in BCSP hdr checksum [ 2546.148187] Bluetooth: Error in BCSP hdr checksum [ 2546.153167] Bluetooth: Error in BCSP hdr checksum [ 2546.257856] Bluetooth: hci8 command 0x1009 tx timeout [ 2546.408129] Bluetooth: Error in BCSP hdr checksum [ 2546.413157] Bluetooth: Error in BCSP hdr checksum [ 2546.668035] Bluetooth: Error in BCSP hdr checksum [ 2546.673015] Bluetooth: Error in BCSP hdr checksum [ 2546.928064] Bluetooth: Error in BCSP hdr checksum [ 2546.933124] Bluetooth: Error in BCSP hdr checksum [ 2547.188180] Bluetooth: Error in BCSP hdr checksum [ 2547.193613] Bluetooth: Error in BCSP hdr checksum [ 2547.458344] Bluetooth: Error in BCSP hdr checksum [ 2547.463754] Bluetooth: Error in BCSP hdr checksum [ 2547.718180] Bluetooth: Error in BCSP hdr checksum [ 2547.723117] Bluetooth: Error in BCSP hdr checksum [ 2547.978327] Bluetooth: Error in BCSP hdr checksum [ 2547.983267] Bluetooth: Error in BCSP hdr checksum [ 2548.237913] Bluetooth: Error in BCSP hdr checksum [ 2548.243107] Bluetooth: Error in BCSP hdr checksum [ 2548.498026] Bluetooth: Error in BCSP hdr checksum [ 2548.503878] Bluetooth: Error in BCSP hdr checksum [ 2548.757918] Bluetooth: Error in BCSP hdr checksum [ 2548.762863] Bluetooth: Error in BCSP hdr checksum [ 2549.017977] Bluetooth: Error in BCSP hdr checksum [ 2549.023003] Bluetooth: Error in BCSP hdr checksum [ 2549.277995] Bluetooth: Error in BCSP hdr checksum [ 2549.283197] Bluetooth: Error in BCSP hdr checksum 18:40:56 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r2, 0x0, r1, 0x0, 0x20000038, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000080)={&(0x7f0000000000)=[0x3, 0x3, 0x1, 0x800, 0x7, 0x69c, 0x2, 0x4, 0x6], 0x9, 0x8000, 0x2, 0x5, 0x3, 0x4, 0x7fff, {0x3, 0x4, 0x1565, 0x14e, 0x6, 0xabf2, 0x3, 0xd76c, 0x1000, 0x7, 0x200, 0xfff9, 0x9, 0xffff, "4c5bdb65a36277ed59e3c51da8d29836af1ec42da469655fc33678d43c77b10e"}}) 18:40:56 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) socketpair$unix(0x1, 0x40000000000001, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f00000000c0)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') 18:40:56 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:40:56 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2549.484556] minix_free_inode: bit 1 already cleared [ 2549.504625] Bluetooth: hci3: Frame reassembly failed (-84) [ 2549.537878] Bluetooth: Error in BCSP hdr checksum [ 2549.542867] Bluetooth: Error in BCSP hdr checksum [ 2549.567183] audit: type=1800 audit(1590777656.398:1069): pid=29248 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16189 res=0 [ 2549.575037] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2549.679736] audit: type=1804 audit(1590777656.408:1070): pid=29248 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/710/file0" dev="sda1" ino=16189 res=1 [ 2549.739235] audit: type=1804 audit(1590777656.508:1071): pid=29248 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/710/file0" dev="loop0" ino=1 res=1 [ 2549.799335] minix_free_inode: bit 1 already cleared [ 2549.809008] Bluetooth: Error in BCSP hdr checksum [ 2549.814254] Bluetooth: Error in BCSP hdr checksum 18:40:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 18:40:57 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:57 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0406618, &(0x7f0000000000)={{0x0, 0x0, @descriptor="ec80d94afdf32962"}}) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) semctl$GETVAL(0x0, 0x0, 0xc, &(0x7f0000000240)=""/78) 18:40:57 executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.stat\x00', 0x275a, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000200), 0x88) sendto$inet(r0, &(0x7f0000000240)='\b', 0x1, 0x4004001, 0x0, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x4002000000000000, 0x0, 0xfffffffffffffd25) 18:40:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x2) 18:40:57 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2550.778592] Bluetooth: Unknown HCI packet type 00 [ 2550.785270] Bluetooth: Unknown HCI packet type 5e [ 2550.799444] audit: type=1800 audit(1590777657.638:1072): pid=29278 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16197 res=0 [ 2550.824392] Bluetooth: Unknown HCI packet type 43 [ 2550.859650] Bluetooth: Unknown HCI packet type 5e [ 2550.873585] Bluetooth: Unknown HCI packet type 50 [ 2550.885082] audit: type=1804 audit(1590777657.668:1073): pid=29290 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/711/file0" dev="sda1" ino=16197 res=1 18:40:57 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:40:57 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) [ 2550.897792] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2550.934409] Bluetooth: Unknown HCI packet type 5e [ 2550.971019] Bluetooth: Unknown HCI packet type 40 [ 2551.129355] audit: type=1804 audit(1590777657.968:1074): pid=29303 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/711/file0" dev="loop0" ino=1 res=1 [ 2551.308203] minix_free_inode: bit 1 already cleared [ 2551.537410] Bluetooth: hci3 command 0x1003 tx timeout [ 2551.543168] Bluetooth: hci3 sending frame failed (-49) [ 2552.817457] Bluetooth: hci4 command 0x1003 tx timeout [ 2552.823204] Bluetooth: hci4 sending frame failed (-49) [ 2552.897387] Bluetooth: hci5 command 0x1003 tx timeout [ 2552.902744] Bluetooth: hci5 sending frame failed (-49) [ 2553.617256] Bluetooth: hci3 command 0x1001 tx timeout [ 2553.622749] Bluetooth: hci3 sending frame failed (-49) [ 2554.897300] Bluetooth: hci4 command 0x1001 tx timeout [ 2554.903007] Bluetooth: hci4 sending frame failed (-49) [ 2554.977180] Bluetooth: hci5 command 0x1001 tx timeout [ 2554.982655] Bluetooth: hci5 sending frame failed (-49) [ 2555.697142] Bluetooth: hci3 command 0x1009 tx timeout [ 2556.987107] Bluetooth: hci4 command 0x1009 tx timeout [ 2557.057099] Bluetooth: hci5 command 0x1009 tx timeout 18:41:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x40600, 0x0) r2 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self\x00', 0x12280, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40806685, &(0x7f00000001c0)={0x1, 0x0, 0x1000, 0x7a, &(0x7f00000000c0)="91cc65d5c14cebe61d321e6e7f3916cd6eb4a39c9b65aefeaed473672451c5a274af3e860ff770972c179a04d44948aa98ceba6ece4a6adcc596937f0124c22ba9d1e4d6a80cda2442d8b2e6fec04a590cca96098e6211d5fb8cffce67d49a409fc627172a8faa7a79a7e8efc8f5ef7af3781a57fb64c58fa43f", 0x79, 0x0, &(0x7f0000000140)="07f53cd8b31983d5e7c198d72fa91494c1c4f23d66508f37c16cacfd25e716b731721e0be088ddc58b2b2285feaa306ae40ee5fe04eb6cfa7d7f180369012810d2e8cf995ce698952374fc09bb844006e9e39c269303ec0e6bf1896bddff4f8c3f21dd5be628b55d2f7b8b196c4206cbfd5e400535d5a1cc5a"}) ioctl$KDADDIO(r1, 0x400455c8, 0x343) 18:41:06 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x0, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c) 18:41:06 executing program 0: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/mice\x00', 0x101000) r1 = socket(0x0, 0x0, 0x0) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000240)='NLBL_MGMT\x00') sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x4c, r2, 0x0, 0x70bd2a, 0x0, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @remote}, @NLBL_MGMT_A_DOMAIN={0x9, 0x1, 'TIPC\x00'}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @private=0xa010100}]}, 0x4c}}, 0x0) sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x5c, r2, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x23}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xf}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20004005}, 0x8000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x410480, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_FREE(r4, 0x4112, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) ioctl$TIOCGPKT(r4, 0x80045438, &(0x7f0000000500)) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x1c, r6, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x40, r6, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0xffff, 0xffffffffffffffff}}, @NL80211_ATTR_MAC={0xa, 0x6, @random="0148a3fa073e"}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @dev={[], 0x3f}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000001}, 0x40000) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r7 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r7, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r7, r7, &(0x7f0000000480), 0xa198) 18:41:06 executing program 4: ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x180000105, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f000000a000)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8000000200004d1e, 0x800007c}, 0x0, 0x0, r0, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000)) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000580), 0x0, 0x1}], 0x100488, 0x0) ftruncate(0xffffffffffffffff, 0x200004) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80001d00c0d0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000680)='NLBL_CIPSOv4\x00') sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) [ 2559.721252] Bluetooth: hci3: Frame reassembly failed (-84) [ 2559.727876] QAT: Invalid ioctl [ 2559.745506] audit: type=1800 audit(1590777666.579:1075): pid=29341 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16208 res=0 [ 2559.800413] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2559.913815] audit: type=1804 audit(1590777666.609:1076): pid=29332 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/712/file0" dev="sda1" ino=16208 res=1 [ 2560.135490] audit: type=1804 audit(1590777666.959:1077): pid=29332 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/712/file0" dev="loop0" ino=1 res=1 [ 2560.337860] minix_free_inode: bit 1 already cleared 18:41:07 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0) 18:41:07 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x9) setsockopt$inet6_opts(r0, 0x29, 0x35, &(0x7f0000002500)=ANY=[@ANYRESOCT], 0x28) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x40000, 0x0, 0x0, 0x0, 0x40000000}}], 0x4000000000003be, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 18:41:07 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x4001fc) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f0000000100)={0x5f7dff9, 0x10001, 0x8, 0x400}) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:41:07 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0) 18:41:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x2000, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) syz_open_pts(r1, 0x48000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x93b}, 0x8) mq_timedreceive(r2, &(0x7f00000000c0)=""/160, 0xa0, 0x9, &(0x7f00000001c0)) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7, 0x1b, 0x1}, 0x7) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:41:07 executing program 5: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f00000001c0)='\vem5\xc1#*\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\xa2\xf0\xa6\xb6\xbf\xb1\x00\xf0\x97zR\xe2r\x04\x15b\xd0\xa9`\xbc\xad\x1f\xb7\xde\xf3k\xdcw\xab\xe9[>)6;\xabi\xf0\xee\xaa\xa8$\x15O', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0) 18:41:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) setuid(0x0) r2 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket(0x100000000011, 0x0, 0x0) r4 = geteuid() setsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@loopback, @in6=@local, 0x4e22, 0x8000, 0x4e22, 0x0, 0x2, 0x60, 0xa0, 0x3c, 0x0, r4}, {0x5, 0x100000001, 0xffff, 0x5, 0x8, 0x6, 0x0, 0x2}, {0x10001, 0x0, 0x1, 0x3}, 0x0, 0x6e6bb8, 0x1, 0x1, 0x2, 0x2}, {{@in6=@dev, 0x0, 0x32}, 0x2, @in6=@private0, 0x3505, 0x3, 0x3, 0x9b, 0xb650, 0x40, 0x400}}, 0xe4) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@loose='loose'}, {@dfltgid={'dfltgid', 0x3d, r8}}]}}) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001bc0)=[{&(0x7f0000000040)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000000c0)=[{&(0x7f00000002c0)="6f5768e45f84a4040741ba96ff09ff8ad3def08acebc3f3525b9417337f0751d9729ca9dc1cd6786136cfc72f89f25790987008cb0ed6d2c9f0c20c28b67c78a979da0a86695d44f703a6b7159feefd4ee0fdd77201290e6c10ce435757052be03b82665f1e08e68e5465d15ad5f242a473a4d23c9adfcc4f6277607ae9b6881470db4d394b3e5f2fdab45732f83d0ac11ceb407a9fe5c4d6d3f286b00d9a0bbb7add7bd6ed768b65f9e3951ccf85ed9d70f589d69857d11bb54e96d86f5ff39a91ccf74b58332f04847e6d95cb96b2ee9d5dad9a85e0a3f9f23fd4115d512e829da9055af63baf33ccba1023cfd6a91d8a03b83b49bbccab5d5a024bb9572076d3a041cf8f5cb0dd2a22cc79106ec5237d3a6a23395bc0581d3fac7552b0c6cce5c3e89cf1cb95672c96ee994fdaad309f54b60f5e3073ac7e85f9bf524f5b9cd935d8b49aaf19814db9e2b8e2b134de72f1ec969c6fd32e96628c8457f3b2028ce486a4a13147e0a1d1e4a3f2745c55103a12aa593bef497b4f8b28d0dd05a73f05949fa9fb6cd2f704d4ddd76fbdfbd216cf3a82d3eb13d73b1d3168692228188ffe21e6286e6fa178bfc5f4717918f253e5f1f5d4b4d884f66f8341170a19cc92dd8fe938d2649c203f6fb02839d89002441405e044f3439fec8435935b213e6ecf50c14e3a9d5d5b229d29ab142dcc94e64b316e69fb944bda214a50d5b61fcc5eb71fdbefdd5ef72d71afb1ebab59fc61b37f293986b9240d8beef5746d90f75f7fb4a871473d6d57cec25a576d4512ca8594d0387341b82e41e64a8c967268aa7fb17beb03dec634679133cf36cf11e4706b1cee950c6c2614f4a4883a550137d4d0dca0574a3fc28d245090eff18591627894839384c90563ab544ddee1ba062f80c19d2619427f151b387dae1747d0a3667cc55da4f33d8b5a401927c5dcad2887c7caeeba9e50ad1065a80315eff1ff5af4848f3de4d016cb1051a4ab68a303fadc63093e5651458583cb8dce9edf686fb57844ec0c9b2926383cbab3dd3b8f5255002fb79ac2e4b14064781c7ee95f3686250e8fd41b302725669f0b487bd3b1ccc463ef2968a9a737ee46aba9a2f70ef0f7a51bf5cf8cd1934c8d785137b9f69e3dbdf516c9c92291d401cb3e91e56058927387017eb52fe0ecf5064a6dc0c13413f52d51ebee288f68169a3aa3f42b7e17486dd111edcec1aaa2e710d163dd2bea08b7c8d53673b9d7f574bf247130a134bd96e6a5153deb1d86a3da12833e0e0bb03a7352553e5884dd33a7b96460046e1bac0301c16466d546d3fffc6b42700e130787ac104c9f1e9c19b26349985af651414712a890d26824f7ac949330a2e526511288c28b277571eece02fc4fea25ee58c97f32228b3afa93632e7953cc887f59b0da6298d4240ec17317be633d68e76ac4dc3b4dd3687cf80aa0df77a4f5c6874f9a1fa1a04e58e2f13a61b87695596a4ebca9b0b151aae979398c2fe15593c55b558fb50b7bdc8fbc753d9a4b91714dd1aaff6c7db312708a9f53239af5efceb9aea850341ea999fc859f3f3b3fa8410783363efe4577e2f8e1b3d01b4b763f8b52b1afaa7d049f48d4408d06a2932cb554b42be82778ecc43ed919b1e8622aeeb5676f954862997e6fb76376814d7858b5389fcaeef735ee177ad04b184cd1e07a930523ad9458c870578821151a7f2dac90c4c4c9739d5187442638b2309113c4370931b269ba891f0d37c43669ff66762416c906672be4fd93cddd104f20c7de8a6a90294232740694f6291a3d62874c34a2a1fbf9db7eab9f863e2c2375bb71fc90f5e67e5cfa09fbd40c2423bb575665300344f9b19605354e1b8fc3bfcb84323d7c4f1049b8e1a931a836419050848bb7e1b62fb9bb3bc792aa7b491c00c66c4fc0f5cf8169e9d5d958a975b3e9e9c5ddc6c329e205d0375c039f2ec1a9a13a6e2d44e12185eff0a4c7c0676c0f182444ec27e555c702caeebab497b9e68e77460ff9e2b78eb99f31bc257f739993d5585c8a5ead074f20fb776baeaf5436edc807d17931d9d242f8e793762df3de3954afc694a53a2c4d836229ccd34464105aacba3e32c1d2c7e56af649274639022226c86633dd1c5d1b337470dd41bbb48c9b963a0ee5495d982bf8bc52229942f14fe70d422edf4914f43c21c51e9798c3c13e15ac4ec833fa7c9f7d6a986412cf092ade2af18d3a9eb92285463419d19cb58523b7c492452f73f9d88d2efda6bd6876d27378224575ca1780027ac31d5febf087a2c179af050b81d61de83c044fa83dedda2239618adf2f20b55e099b661c2fb61b2c7788adf15d096d7e4351fbbfc82e6a6b021fd20a5b85c2c18edd3fb0b8a791db04ad06703bf27954e5eaf509227a7d56d1dd3a27abf4292241f41976f6144b22a67e5c2b2faca6228a75dc1d8fc472139da25e446dc30170a57dd3c1b455dd897ab95426055682380890088215a702719afc79dddd2137dcad98976a8951e493847fc39c80ecc9928a5b7f6b92dc2816601998b078daacccb5ae66aed43fc5c286677a2a0eab5f61bf6c6d9d34db773382fe7cacbd20813edf6d548162d55739fec4fed52321ebcc68309a931ca118a56850223fc32aa06bb96846d6baa9467a0d286e8ff78a074eaf65cf5bd5dc065e510fdd212f07918fd4dd0a26269ad7d42e1d6dbef2da881bb349aebb05e14c1051c5a42db50cc4f1b080de3ac001d75c0443b8084bebe6474d46cef5e06262dda2974771c947f33fb125bbead8a3d4573cbb35d3ad6fde12e81fcaec90e82a1b6a0281eb49e146576cf893110ea14a6204327a1ebbc9d229a4fa5a0ba70a2ce044697408bdbf4d00bf5ea00274dd25bc00cca89f4d50cacbb205f511b9266933c48ff72f4b20410070526350e4c4b5fa5959012c2696ce7af61a4e2d338969e21009d993f6e1ffc3721a0927cb779d49fb685972f5d466ba30f1841cf796b263870a0873460063a770e4dc30dd2b9651f3008c1afc154d49aebaa82de40cd825c3121caab1bca8aed773370d71722ade925b8c6cae999ff592a3d624f4419c651eccd69034491e91ed4fff23eecdb5ee6571499e06423bc2a86df9451d437a09917a1ddf884e56b964ad32bf8d9333ec7ca792d957d7303f43f0ddf9d8b2d61db8b78a550462bde7be5e3bea92ac0491a417f3def4b76f99a958b86b3f790c4c71e63cc5a47e8b50f6e4bb12b348e5218d5ad9affb271422fba457c27ce22407994af4448366730ccfdb8ceb3604590fb210ab16cbf152db865c6fe31556e843acb79d6eff380773e8d9ec02831102e4ab642fdefa7929f8538a9c2ecedde93836654636942db11452d85c1d7eec3a46e34aa689601f92ee02f0506f1cf542067b9bb0f4e598e202e815598c6da9cf6e9d3d4c2b46112e580b45007bd8e8b5adcd0f08399d2fd86f62e725390a5b7b8b3a1d91f9b2200586d287e31bd4f7631e3e87b10cb8b6bde53aef44a3fe63bd8722000a15699f9d061f2409189b93e184ec59d8c1d0e957050c4e26f484b096f43b26668d2f8c7e71216d0941dbeecc66674835b8ebb9a9102a8783887d16c5109039ee88b19ac5d8a7b5da9b75161687c8d4cc92f7fe66c558a78f3076514950b2cf2e91a461896b1c9ab81dd3502fb302340bf5081248bfd4296d6e845fb8fc7616d65938c151bc6e42d5930caff1574e2f6ced8e3789d947038d10fbf489fa04df0483875ef9632a47ea1533d81ffec6ea79e1b9b110134066513533d2ff9b5f7cb7d78bb413d82d36428d15d79bdf6866d1331d45e49062146ccbe37622a1162681fe0df3ea1960f7042cdfbccef2953280e7fa15d7767baec8c0377b59562ebaa2ad2205f06cafd31d28b0d69980a94eaacbd2023e747956217a9ab66273d068b6775b60eef9b8d2731b461115a5c101b69ac64e2e5bc12080e80f81cd31e7a0e64bfb177c518e13dca0cbf710568aae1976d718443a85da75682ea902932f6bbe246a283daac6369167e34c7f02083d2422f4624937b958855ac9d7f1c3daf602f0ac77bbe2188c84acd790ac3ad2b2dc8ac7c4224891195588dbe1d18ea227cf6804926a857daec60a03200c2334f92397f9fa5bc94ea73320199cd7d21f620135d31c8ca66fa059668c2c169c52fcebb71f9327fca20938c59e28bc37439835cbbc373e482b0e433b99dcae69165c5d161bbf184ce1bd04730919f3b24d3bbbf0f79d03da76cc1dd5b57971c4e1dfaf98360408e871f96f7ac2703526bdf569f0dcf05a49b979c20a6340642f82d8a243a723d051e0ee1b7d66b1ac4fc3630b68cadbc4f0d3a43c65ef72a00bc998adaef2b90cb740c2c7cb04898e325694b37306642e635e8ee300fc103deeecf82d8f0dc13d39f8fd2b26187a40aa287eca53bf62d37a94b2aa5149964e691c10aeeeba5597d669ac0501b3aca14c74c14b9e159d9cc9fe7bb4daaef2799a637ebab7666b67b32d0cef4c6b4c70bef2538ad7f97365785406b50680495fda061b6719581bdc60cfdd1eddc645189ca329461478614f964f87ac45759f700a66b075c3f34600854ba81f3f3023c6b3481aefd47515223294dbd2484b2918ca9cb72d75a217b05440c7f151a8a514d141a9b73b5c49ec262eb47675426e5f9d8d8f288736b190cc5e1645b57095e17a5604d6a047914d3158e50aeb3a35b44182444b058e9252309f9c6473e138d8ceb66c35dfa4f315ac8a5dfb78919e0a27710150857544d897b98ff98db76e841e57937f78fffccae61c7c0861473e2001bbdf098091ddce94ab25aaa9e316c82609f25caa0636a715ea364cd108c3f33bea8e3812a669c8129473e3e383a18598f6119324ef94163de9ce64c288da4e88fc16868f3a42ab1ed0d9517eee820d2ad0191c0381040de4ed5489f67e728ffb5f8fb41dd89aa9e0bf95007837572e223226288a665dcb8e3411b2126f3c470bac6ba2d9ded0de60d9d7fbfbd512fb283cadfcf0822ebe10049a3e8d7dcf3177de3d50c6ce74468e3f678a14ae0ea59335b35ae4be7509bbca9141ef822eff07d6a32af26f5fde2efe6d6814053de8017d4e354292927cc90cad7229fd630dba9e66047bd3bdeb9795f9d8cdf8d6b4b81ceaf23d75cf8e92117b9a5cce1b9e16f6f9e716acd04ebbc437e97f22f38de374b747c46c56de9248d79b8a2c831291ceb7a15f6302edf7e8a201415a870659c0ae014e76c4cd26a18774dff3b18062912390a0e61cde1f2b14e47d4cd98476f7b66a35e21dcd4fc17b3aab153ceb293b8f07c65928ea7780f2563d931fbf04bc9b1dc9bb7554a86c747fbf6aa0e18190eced8ef5de10f88b135e1d6eefeb496f3733ac4d345932678eee7c3524fd014393b7551c5e8f8dfd137804d2965be4a12441d9281e1a9615dbbd0fb41e190c53ab874e2acf0a4563e9d0720348e23722b677a007918272fad0a5a34d1df874b8aab3e75a42e6bd90fe0f2adf12344f64559150c5bfe40a5c1c7f1b2c58643247456228ff069beca857311ae2bf95e42bddaa2ea7ea1197a0df1323a4e7350037bfbcd666be976e3ebd5b7cb2f551c8fdf487564288af7855d42aa2df64be775b112376835f6c76b69b153c4e87dfe7f610ac909db0f2fa8b33863bbb7ceb305601470c13a0a268657c251db1dd52f51b88290dfd003ed4bdcdc36f01964ba982e4adc4237397f91c4057f350f049e7933411dd230c0c0ab6ffe5e6e7bd68e75fe5b67deee8432a1bc90dccfe425fcd1a5f9748591a437cd27719e6876", 0x1000}], 0x1, 0x0, 0x0, 0x10}, {&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000180)="c35edabe64d3e5715fc3fbe5a549ea2d5805670d6025c4af6cc8ac648362522b5ab36061862eb5", 0x27}], 0x1, &(0x7f0000001540)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}, @rights={{0x24, 0x1, 0x1, [r2, r2, r2, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf0, 0x40008}, {&(0x7f0000001600)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001680)="76f0eb8ba89e82ec72eeb275e327cdd7b38a8ae6eb5a1f8b4580afab14b01554a61b132381775421d11b94", 0x2b}, {&(0x7f00000016c0)="1b60ef7c4eaf91ee859dc673499c12698b0280af4905c2a1cbdc5bd8564f3b3a7a2cf9d351ec3c02185e5a6a855203f24ab8e4beef17bd46dd56dff05089152ff302de40135f69db7fe4a4aaba64cde135b9b0fde14608258ac4bc6076c7813d05b6e70593d90270e885c6ed992c13adeeccdc3bb74df2e1c09640f1f3e104eae25b5d2dcda15897149cd678dc74abc17470d744e1de87c180605e4cbc1d91ee254c8d04bce12992c619a49510b1a492b86545748943a74748d9c32f79408957dfd70036431de43d1a1fd6ed5239aa87cb015f83dbe204354a18dde175ad", 0xde}, {&(0x7f00000017c0)="c4fe9f834f655af8dfe5898f29f701d2ef0310dc2389800adc25bd1cb2dbb0afd2be016a290f028149403d29f80989148c16b4d9da31469936cbcff444f15de7f52a887b47bce14640e3fecbf51f3be9cfda384add44d84f0ddf8d79facd4674f08614b075fc44ea0fd361c895ab57be8dca3c36b9c0e6ac63890fef0b77e806fa61284244d8fe5ff48166e7cd9658476801026f581902a04b7d2056cd2ed2d76244", 0xa2}, {&(0x7f0000001880)="01", 0x1}, {&(0x7f0000001980)="365eb6389e10c66bacb717d0e5d2ea869d8d22f6c2ff0bbef495420f6a33bedf1f185a011edcb5d471b771e3c54b4a464215cfc2f58184f027dabb9b10079112415e36d22719ba93633369e9eb568c5d6bca7c9f60c7b0be2b668446af8c2dcd2f846742d8b927e0c7ad8e7c48032b114a", 0x71}], 0x5, &(0x7f0000001b80)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r2, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r4, r8}}}], 0x48, 0x4c000}], 0x3, 0x4004090) fchownat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, r8, 0x1000) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) [ 2561.003681] audit: type=1800 audit(1590777667.839:1078): pid=29381 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16206 res=0 [ 2561.044573] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2561.084855] audit: type=1804 audit(1590777667.859:1079): pid=29381 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/713/file0" dev="sda1" ino=16206 res=1 [ 2561.110159] Bluetooth: Unknown HCI packet type 00 [ 2561.115203] Bluetooth: Unknown HCI packet type 5e [ 2561.137017] Bluetooth: Unknown HCI packet type 43 18:41:08 executing program 5: memfd_create(&(0x7f0000000340)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mice\x00', 0x0) syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) unshare(0x8000400) mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884ee, 0x0, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x3938700}, 0x0) [ 2561.185717] Bluetooth: Unknown HCI packet type 5e [ 2561.231187] Bluetooth: Unknown HCI packet type 50 [ 2561.247679] Bluetooth: Unknown HCI packet type 5e [ 2561.253562] Bluetooth: Unknown HCI packet type 40 [ 2561.266378] audit: type=1804 audit(1590777668.099:1080): pid=29381 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/713/file0" dev="loop0" ino=1 res=1 [ 2561.326830] Bluetooth: Error in BCSP hdr checksum [ 2561.338476] minix_free_inode: bit 1 already cleared [ 2561.588668] Bluetooth: Error in BCSP hdr checksum [ 2561.786669] Bluetooth: hci3 command 0x1003 tx timeout [ 2561.792005] Bluetooth: hci3 sending frame failed (-49) [ 2561.846730] Bluetooth: Error in BCSP hdr checksum [ 2562.106712] Bluetooth: Error in BCSP hdr checksum [ 2562.366758] Bluetooth: Error in BCSP hdr checksum [ 2562.626855] Bluetooth: Error in BCSP hdr checksum [ 2562.886703] Bluetooth: Error in BCSP hdr checksum [ 2563.136533] Bluetooth: hci5 command 0x1003 tx timeout [ 2563.141842] Bluetooth: hci4 command 0x1003 tx timeout [ 2563.141899] Bluetooth: hci5 sending frame failed (-49) [ 2563.149160] Bluetooth: Error in BCSP hdr checksum [ 2563.157548] Bluetooth: Error in BCSP hdr checksum [ 2563.226541] Bluetooth: hci6 command 0x1003 tx timeout [ 2563.231902] Bluetooth: hci6 sending frame failed (-49) [ 2563.416690] Bluetooth: Error in BCSP hdr checksum [ 2563.676661] Bluetooth: Error in BCSP hdr checksum [ 2563.856435] Bluetooth: hci3 command 0x1001 tx timeout [ 2563.861751] Bluetooth: hci3 sending frame failed (-49) [ 2563.936717] Bluetooth: Error in BCSP hdr checksum [ 2564.196772] Bluetooth: Error in BCSP hdr checksum [ 2564.466846] Bluetooth: Error in BCSP hdr checksum [ 2564.736644] Bluetooth: Error in BCSP hdr checksum [ 2564.996661] Bluetooth: Error in BCSP hdr checksum [ 2565.216347] Bluetooth: hci5 command 0x1001 tx timeout [ 2565.216402] Bluetooth: hci4 command 0x1001 tx timeout [ 2565.221661] Bluetooth: hci5 sending frame failed (-49) [ 2565.233551] Bluetooth: Error in BCSP hdr checksum [ 2565.306416] Bluetooth: hci6 command 0x1001 tx timeout [ 2565.311745] Bluetooth: hci6 sending frame failed (-49) [ 2565.486579] Bluetooth: Error in BCSP hdr checksum [ 2565.491731] Bluetooth: Error in BCSP hdr checksum [ 2565.497402] Bluetooth: Error in BCSP hdr checksum [ 2565.746596] Bluetooth: Error in BCSP hdr checksum [ 2565.751508] Bluetooth: Error in BCSP hdr checksum [ 2565.946288] Bluetooth: hci3 command 0x1009 tx timeout [ 2566.006577] Bluetooth: Error in BCSP hdr checksum [ 2566.011493] Bluetooth: Error in BCSP hdr checksum [ 2566.266549] Bluetooth: Error in BCSP hdr checksum [ 2566.271476] Bluetooth: Error in BCSP hdr checksum [ 2566.526445] Bluetooth: Error in BCSP hdr checksum [ 2566.531344] Bluetooth: Error in BCSP hdr checksum [ 2566.786488] Bluetooth: Error in BCSP hdr checksum [ 2566.791471] Bluetooth: Error in BCSP hdr checksum [ 2567.056552] Bluetooth: Error in BCSP hdr checksum [ 2567.061548] Bluetooth: Error in BCSP hdr checksum [ 2567.067705] Bluetooth: Error in BCSP hdr checksum [ 2567.296169] Bluetooth: hci4 command 0x1009 tx timeout [ 2567.301434] Bluetooth: hci5 command 0x1009 tx timeout [ 2567.316454] Bluetooth: Error in BCSP hdr checksum [ 2567.321354] Bluetooth: Error in BCSP hdr checksum [ 2567.376270] Bluetooth: hci6 command 0x1009 tx timeout [ 2567.576483] Bluetooth: Error in BCSP hdr checksum [ 2567.581386] Bluetooth: Error in BCSP hdr checksum [ 2567.836553] Bluetooth: Error in BCSP hdr checksum [ 2567.841480] Bluetooth: Error in BCSP hdr checksum [ 2568.096333] Bluetooth: Error in BCSP hdr checksum [ 2568.101381] Bluetooth: Error in BCSP hdr checksum [ 2568.356373] Bluetooth: Error in BCSP hdr checksum [ 2568.361329] Bluetooth: Error in BCSP hdr checksum [ 2568.616400] Bluetooth: Error in BCSP hdr checksum [ 2568.621331] Bluetooth: Error in BCSP hdr checksum [ 2568.876419] Bluetooth: Error in BCSP hdr checksum [ 2568.881341] Bluetooth: Error in BCSP hdr checksum [ 2569.136381] Bluetooth: Error in BCSP hdr checksum [ 2569.141298] Bluetooth: Error in BCSP hdr checksum [ 2569.396494] Bluetooth: Error in BCSP hdr checksum [ 2569.401485] Bluetooth: Error in BCSP hdr checksum [ 2569.656359] Bluetooth: Error in BCSP hdr checksum [ 2569.661389] Bluetooth: Error in BCSP hdr checksum 18:41:16 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) signalfd(r0, &(0x7f0000000200)={[0x7fffffff]}, 0x8) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000100)='trusted.overlay.nlink\x00', &(0x7f0000000180)={'U+', 0x401}, 0x16, 0x3) sendfile(r2, r2, &(0x7f0000000480), 0xa198) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x20000038, 0x0) r6 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r6, &(0x7f0000000200)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @local}, 0x14) write$FUSE_INTERRUPT(r3, &(0x7f00000002c0)={0x10, 0x0, 0x4}, 0x10) sendmmsg(r6, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$VIDIOC_QBUF(r4, 0xc058560f, &(0x7f0000000240)={0x401, 0x3, 0x4, 0x4, 0x19, {0x77359400}, {0x5, 0x8, 0x2, 0xfe, 0x3, 0x3, "40fbfbd0"}, 0x0, 0x3, @fd, 0x4, 0x0, r6}) 18:41:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:16 executing program 4: mkdir(&(0x7f0000000100)='./bus\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mount$overlay(0x400019, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000)='overlay\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="04b5aa2ada6ae7548b7a5c2f"]) [ 2569.916295] Bluetooth: Error in BCSP hdr checksum [ 2569.921290] Bluetooth: Error in BCSP hdr checksum [ 2569.927131] overlayfs: unrecognized mount option "µª*ÚjçT‹z\/" or missing value [ 2569.943704] audit: type=1800 audit(1590777676.780:1081): pid=29431 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15889 res=0 [ 2569.949450] overlayfs: unrecognized mount option "µª*ÚjçT‹z\/" or missing value [ 2569.998363] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2570.006961] audit: type=1804 audit(1590777676.820:1082): pid=29431 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/714/file0" dev="sda1" ino=15889 res=1 18:41:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x89c2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000080)=@generic={0x11, "000001000000004f080044d44eeba71a4976e252922cb18f6e2e2dba000000012e0b3832005404b0e8301a4ce875f2e3ff5fb39c030000000000000000000000080101013c58110308d9123127ecce66080000000e5bf5ff1b0816f3f6db1c00010000000000326d3a09ffc2c654000000000400"}, 0x80) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8914, &(0x7f0000000000)={'ipvlan0\x00', r3}) r4 = socket$inet6(0xa, 0x80002, 0x0) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000080)=@generic={0x11, "000001000000004f080044d44eeba71a4976e252922cb18f6e2e2dba000000012e0b3832005404b0e8301a4ce875f2e3ff5fb39c030000000000000000000000080101013c58110308d9123127ecce66080000000e5bf5ff1b0816f3f6db1c00010000000000326d3a09ffc2c654000000000400"}, 0x80) getsockname$packet(r5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14) ioctl$sock_SIOCGIFINDEX(r4, 0x8914, &(0x7f0000000000)={'ipvlan0\x00', r6}) r7 = socket$inet6(0xa, 0x80002, 0x0) r8 = socket(0x11, 0x800000003, 0x0) bind(r8, &(0x7f0000000080)=@generic={0x11, "000001000000004f080044d44eeba71a4976e252922cb18f6e2e2dba000000012e0b3832005404b0e8301a4ce875f2e3ff5fb39c030000000000000000000000080101013c58110308d9123127ecce66080000000e5bf5ff1b0816f3f6db1c00010000000000326d3a09ffc2c654000000000400"}, 0x80) getsockname$packet(r8, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14) ioctl$sock_SIOCGIFINDEX(r7, 0x8914, &(0x7f0000000000)={'ipvlan0\x00', r9}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001680)={&(0x7f0000000280)=@deltfilter={0x1384, 0x2d, 0x400, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x7, 0x3}, {0xc, 0x1}}, [@TCA_CHAIN={0x8, 0xb, 0x8a}, @TCA_RATE={0x6, 0x5, {0xff, 0x1}}, @filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0x1304, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xfff2}}, @TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfff}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x100, 0x8, 0x80}, {0x2, 0x3, 0x2}}}]}]}, @TCA_BASIC_ACT={0x4dc, 0x3, [@m_sample={0xe0, 0x5, 0x0, 0x0, {{0xb, 0x1, 'sample\x00'}, {0xc, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x7913}]}, {0xa9, 0x6, "1752239e8cbd297ef416d385b60a896d98a430d6964c26eca04979e8d5729198782be8433e22e620f661dd3602a6b4fe9cebf3eb9aff1b5191319f7258f403d2c9d8711f1c3b08300f56837eebef68ab579a4c1f1a62d831192e429d4c1caaf2df5ee6fb96c37a7f796b14a0e372af3acffd72d1289fda8bbb0b85103c3543007c6e7e0cc525b4c3011cba04c0c0e30942ef04fb14af51d23accd8a23eb72062a76df83a85"}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}, @m_mirred={0xa4, 0x4, 0x0, 0x0, {{0xb, 0x1, 'mirred\x00'}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x7, 0x5, 0x4, 0xff}, 0x2, r6}}]}, {0x58, 0x6, "3227c8f247b89d25fff77273ec7364f64353c48c51deb02e50cf15b01f8f92e8b1581b0a080d50bfd87db0816b44f43a8bdd9485ffc98f0a2a8bb433e759dce21ae20d47d96ea45c2f6801ba91b724f3bdd42cef"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_mirred={0x15c, 0xa, 0x0, 0x0, {{0xb, 0x1, 'mirred\x00'}, {0xc4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x39, 0x5, 0x0, 0x8, 0xdb47}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x5a4, 0x7fffffff, 0x1, 0x7}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4c, 0x20d, 0x6, 0x2, 0x7}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xffffffff, 0xfff, 0x8, 0x1, 0xfffffffe}, 0x2, r3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x7b, 0x8, 0x7, 0x49}, 0x2, r6}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x40, 0x6, 0x2, 0x40, 0x7fff}, 0x2, r9}}]}, {0x6e, 0x6, "284471455d1c80d39fa2d438811c7c233271a76b1f60b8807eeb55dfdfe45fb94004846a252500257b341f525bfe7a3ae7ee4ef4be56a51554001790a1118dfc64aa8393803022e4c91e825506738228520d05ac3b2a0050bece36033497ac24d9658c1a73899e78470d"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x630f627dc9485b9c, 0x2}}}}, @m_skbedit={0x10c, 0xc, 0x0, 0x0, {{0xc, 0x1, 'skbedit\x00'}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x2}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x3}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x8000}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x6}]}, {0xbe, 0x6, "3924e9d50a98e8c748fdac9f77de196361eaa89722385b04c4ff5185ea06aa4b5d5fefe70904ad48f3adeef1bb4520cc73a4769d9a19faf197ec543de170e7ef04e8cae94fd5baa398ff691835caa31976a460383c8c0346e6f1400905f4d520120c38f450d27c504239cd3258e64e0ce708ee9c78f3cb2fb52010be34165df68dd3875bfdcb48929ac0dbc59f1325ef4ef340660bf31e5024ecbb3229961e1c8e8060c036a6c5984a315c91f81c13f500a7b24eaa4d8169e78c"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x7}}}}, @m_skbmod={0xec, 0x13, 0x0, 0x0, {{0xb, 0x1, 'skbmod\x00'}, {0x50, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x9c96}, @TCA_SKBMOD_SMAC={0xa}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x7fffffff, 0xf1c, 0x10000000, 0x6, 0x7ff}, 0xd}}, @TCA_SKBMOD_ETYPE={0x6}, @TCA_SKBMOD_DMAC={0xa, 0x3, @random="1be02768f4e2"}]}, {0x74, 0x6, "7f6ab20b8b6d94ecf699445b6fa3cdb077e9c21596010628e74f40493bb1c574eb7d8850a7b154d1a71d1e4d800dc4b52498c3c0cfdc2169f3d938e9960358d51595ffd4bfbe9eb38c49ce2eed85d108f31f14078c5d47949532184fa96abebf62b8e2dcb3c9f709f29d7cf1b19d91e1"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}, @TCA_BASIC_EMATCHES={0x13c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x138, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xdc, 0x2, 0x0, 0x0, {{0x7}, "dbfaffbc8f85383362cf30394b83ce1b5145a3402c6dee9fadb42dd221ec787378b1bed9b8e0e3293e6c0e591b3a7ba8d447211cff9e2eb5b3c46fee240cf8821ddc29ea2a459753624848857ea21b0309407ac065605d8a7f5d7ebe6d7e245eb21d5664d25955744af353b6929896102275d304b8590e0bfb709ac505796c3946f4870f2463d2868dfdf0a402c098d8646d4c80692cc133ddbbc1740ebd31baa9d18607419fffe5d58e63579d1ca47e98d107fb76692b5ca00ad34438d49f370d24ca7ccbf75708b558030c30d724f5"}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x8, 0x7, 0x8}, {{0x4, 0x1}, {0x4, 0x1, 0x1}}}}, @TCF_EM_META={0x44, 0x3, 0x0, 0x0, {{0xf801, 0x4, 0x6}, [@TCA_EM_META_LVALUE={0xb, 0x2, [@TCF_META_TYPE_VAR="05b5", @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR='C']}, @TCA_EM_META_LVALUE={0x29, 0x2, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="cab9bdf3311b", @TCF_META_TYPE_VAR="10ba5fc22e3f39276ac2", @TCF_META_TYPE_VAR="dd0c870311", @TCF_META_TYPE_VAR="8b3051a0", @TCF_META_TYPE_INT=0x3]}]}}]}]}, @TCA_BASIC_EMATCHES={0x334, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfae}}, @TCA_EMATCH_TREE_LIST={0x9c, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x40, 0x3, 0x0, 0x0, {{0x5, 0x9, 0xfff}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x3}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x3}, @TCA_EM_IPT_MATCH_DATA={0x4}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x40}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0xa}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x4}]}}, @TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x0, 0x8, 0x8001}, {0x0, 0x2}}}, @TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x4, 0x2, 0x8}, {0x1ff, 0x3, 0x0, "d306ed"}}}, @TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0x3, 0x3, 0xfff}, {0x9, 0x3, 0x8, 0x7}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x4, 0x7, 0x7}, {{0x4, 0x1, 0x0, 0x1}, {0x1}}}}]}, @TCA_EMATCH_TREE_LIST={0x138, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x18, 0x1, 0x0, 0x0, {{0x0, 0x2, 0x400}, {0x7, 0x4, 0x0, "ffd8041d"}}}, @TCF_EM_META={0x54, 0x1, 0x0, 0x0, {{0x9, 0x4, 0x5}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0x80, 0x2}, {0x4, 0x7, 0x2}}}, @TCA_EM_META_RVALUE={0x8, 0x3, [@TCF_META_TYPE_INT=0xa]}, @TCA_EM_META_RVALUE={0x27, 0x3, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="9d591da567626a4ab1", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_VAR="f606d11c8a4f", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x6]}, @TCA_EM_META_RVALUE={0xc, 0x3, [@TCF_META_TYPE_VAR="cf0fb05a51215f3b"]}]}}, @TCF_EM_NBYTE={0x1c, 0x1, 0x0, 0x0, {{0x7}, {0xff, 0x8, 0x1, "57c1a7c05cfd02c0"}}}, @TCF_EM_CONTAINER={0xac, 0x3, 0x0, 0x0, {{0x8000, 0x0, 0x99e8}, "98fba07911c56d5a132d529c1ef0d21e8627adb861f04d6e250616f535a8657348cbb29d5c4f09328d4f762671e7b6232573a9525bc51fa9bf70343328f7d6d5762ce6352d3dacfb8bf69476d38e96807cdd528a8c4459a19ab105e338901ab1318acd93dedf0be40101bae70dbfb72035bbf47a2dcd34653f6580e835b23f9f28a96a541c3af8bc954f4616de4dbeb5638ef25f9a8fc3b97df9725e17"}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5c}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x200}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x134, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x14, 0x3, 0x0, 0x0, {{0x80, 0x9, 0x6}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x1}]}}, @TCF_EM_NBYTE={0x14, 0x2, 0x0, 0x0, {{0x2, 0x2, 0x1}, {0x1}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x6, 0x1, 0x20}, {0xfffffffa, 0x1, 0xe6, 0x1, 0x4, 0x0, 0x2}}}, @TCF_EM_CMP={0x18, 0x3, 0x0, 0x0, {{0x37}, {0x100, 0x0, 0x3f, 0x4, 0xb, 0x1}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x8001, 0x1, 0x4}, {0x2, 0x10000, 0x0, 0x5, 0x2, 0x2, 0x2}}}, @TCF_EM_META={0x78, 0x2, 0x0, 0x0, {{0x2, 0x4, 0xaebd}, [@TCA_EM_META_RVALUE={0x21, 0x3, [@TCF_META_TYPE_VAR='kn', @TCF_META_TYPE_VAR='Y', @TCF_META_TYPE_VAR="d8c0b8b437ec89858546", @TCF_META_TYPE_VAR="d6c2468cacdccf", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_VAR="a44dacda2e"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x52, 0x40, 0x1}, {0x800, 0xfd}}}, @TCA_EM_META_LVALUE={0x28, 0x2, [@TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="0aa61c212fad0209", @TCF_META_TYPE_VAR="7461f7ed", @TCF_META_TYPE_VAR="0081", @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="bd2fe7aa21df", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x5]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x81, 0x0, 0x2}, {0x1f, 0x5a, 0x2}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x6]}]}}, @TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x1, 0x2, 0xfffd}, {0x0, 0x3, 0x1, "80e0c2"}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x4479}, {{0x4, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}}}, @TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0xa7f0, 0x3, 0x1000}, {0x5, 0xe5c, 0x2, 0x5}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}]}, @TCA_BASIC_EMATCHES={0xec, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xb8}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x81}}, @TCA_EMATCH_TREE_LIST={0xd0, 0x2, 0x0, 0x1, [@TCF_EM_META={0xbc, 0x3, 0x0, 0x0, {{0x6, 0x4, 0x9}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x7f, 0x0, 0x2}, {0x219b, 0x3, 0x1}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x80, 0x8, 0x1}, {0x6, 0x4, 0x1}}}, @TCA_EM_META_RVALUE={0x16, 0x3, [@TCF_META_TYPE_VAR="1277", @TCF_META_TYPE_VAR="321d1feb", @TCF_META_TYPE_VAR="b955e955", @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x1]}, @TCA_EM_META_LVALUE={0x31, 0x2, [@TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="e2cff2", @TCF_META_TYPE_VAR="86", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="6375ead46158186d357d", @TCF_META_TYPE_VAR="4c49bd0834b39b", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x5]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x999, 0x1f, 0x1}, {0xffff, 0x8, 0x2}}}, @TCA_EM_META_RVALUE={0x15, 0x3, [@TCF_META_TYPE_VAR="0f6f2af7209b3a03", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR='3']}, @TCA_EM_META_RVALUE={0x25, 0x3, [@TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="9a07e5a7fefb34", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="8639779ee33e78b2e15f"]}]}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x51, 0x8, 0x4}, {0x4}}}]}, @TCA_EMATCH_TREE_HDR={0x8}]}, @TCA_BASIC_EMATCHES={0x364, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xd0b8}}, @TCA_EMATCH_TREE_LIST={0x120, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x14, 0x3, 0x0, 0x0, {{0x8001}, {0xaa, 0x1, 0x2, "87"}}}, @TCF_EM_IPT={0x108, 0x1, 0x0, 0x0, {{0x4, 0x9, 0xffff}, [@TCA_EM_IPT_MATCH_DATA={0x8a, 0x5, "1454e2daba37418b48329e4c882bd31a246debd913831d7e0fde5e0297b50f9ba237b1400b5815bb0200205988180d70181c17602ad9a1681627595effe0f83731ed42bbd1e5d87562043b77ebd09204929be01d7080e9a871e07e5519b47c0080f85956433d4365f4f242c4bb3ef680c41f0a3d6af19204e14822db07e4d3432bb24505bf26"}, @TCA_EM_IPT_MATCH_DATA={0x66, 0x5, "b48fbaae7ddad6aacd1e59c4136412bf507b3aa6016b799ef1ffec1db39827e03dc2335b822021b36f18e4a2e05aa6ad9e7b45ffd4160ff916f3362e801402a14f69dde2be1599e892de091e3b6055dfa937a43670284a2fe1e2b104c76135224c94"}, @TCA_EM_IPT_MATCH_REVISION={0x5}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x957}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x0, 0x7, 0x3}, {{0x4, 0x0, 0x0, 0x1}, {0x2, 0x0, 0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_LIST={0x1f0, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x7, 0x1, 0xff}, {0x8, 0xffff6690, 0x7, 0x9, 0x7, 0x2, 0x2}}}, @TCF_EM_META={0x40, 0x1, 0x0, 0x0, {{0x0, 0x4, 0x7}, [@TCA_EM_META_RVALUE={0x28, 0x3, [@TCF_META_TYPE_VAR="4ab5c97970a5", @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="7113", @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0x5, 0x2}, {0x8000, 0xb7, 0x1}}}]}}, @TCF_EM_CONTAINER={0xac, 0x3, 0x0, 0x0, {{0x7, 0x0, 0x5}, "f2f891f12ece86c4a2c91952bc9368f87de4ba806b232e6e66d6b58a468a04316442f64aade7c1258e2eaca898b61d2e2afa6e7184f0ea1b6a41574e33335f4d760509358ecb7a753c1134d7e849403e864a99b5231a4b38a51ef2508310f9df0229559a3deb7718cf20f8f92e33818bb87ea40cb073ef2fb78259f08b100a520ff190b96a49bacf54cb962c2a872db171dba91af49181acd0d4b0c817"}}, @TCF_EM_META={0x68, 0x1, 0x0, 0x0, {{0x1000, 0x4, 0x1}, [@TCA_EM_META_LVALUE={0x2d, 0x2, [@TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="e1313aa69c", @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="1a1c", @TCF_META_TYPE_VAR="bc1d920e36bfe1f494", @TCF_META_TYPE_VAR="6f6f67f6953350a588", @TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_LVALUE={0x2b, 0x2, [@TCF_META_TYPE_VAR="312cd176330874", @TCF_META_TYPE_VAR="ed22e894823602ef36ea", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="532fbcc1cd72f97a41c7", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT]}]}}, @TCF_EM_CMP={0x18, 0x3, 0x0, 0x0, {{0x1, 0x1, 0x9}, {0x0, 0x0, 0x2, 0x6, 0x5, 0x2, 0x2}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x6, 0x7, 0x7}, {{0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x8, 0x7, 0xfff}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}}}, @TCF_EM_CONTAINER={0x14, 0x1, 0x0, 0x0, {{0xc758, 0x0, 0x9}, "57a31180f46b918e"}}, @TCF_EM_CONTAINER={0x2c, 0x1, 0x0, 0x0, {{0x81, 0x0, 0x8}, "de760a014c92ea35a2233d1b296dc9c7ee83ccf630f9d96e08785798abaeb3ab"}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}]}, @TCA_BASIC_EMATCHES={0x53c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x7, 0x8, 0xff}, {0xffffffffffffffff, 0x5, 0x2}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xff}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x6c, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0x0, 0x3, 0x5}, {0x6, 0x2, 0x0, 0x1}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x1, 0x7, 0x7}, {{0x4, 0x1, 0x1}, {0x2, 0x0, 0x1}}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x800, 0x7, 0x1448}, {{0x1}, {0x3, 0x1, 0x1}}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x6, 0x7, 0x3fa}, {{0x3, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1, 0x1}}}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0xff, 0x8, 0x3}, {0xffffffffffffffff, 0x6, 0x3}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}, @TCA_EMATCH_TREE_LIST={0x1a8, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x8, 0x7, 0x100}, {{0x5, 0x0, 0x1}, {0x1, 0x1, 0x1, 0x1}}}}, @TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x9, 0x8, 0x4}, {0x1, 0x0, 0x2}}}, @TCF_EM_META={0x6c, 0x5, 0x0, 0x0, {{0x8, 0x4, 0xfff}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x3, 0x0, 0x2}, {0xff80, 0x6, 0x2}}}, @TCA_EM_META_LVALUE={0x2f, 0x2, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="4b84601b396ff5", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="24f0a8dce6af", @TCF_META_TYPE_VAR="300045c37f2c965f", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="aed4ab5f39dc"]}, @TCA_EM_META_RVALUE={0xc, 0x3, [@TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR, @TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_LVALUE={0x15, 0x2, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="7b4e7069a6", @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="048a07", @TCF_META_TYPE_VAR="fc"]}]}}, @TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x9, 0x8, 0x81}, {0x0, 0x5}}}, @TCF_EM_NBYTE={0x14, 0x3, 0x0, 0x0, {{0xff, 0x2, 0x6}, {0x7ff}}}, @TCF_EM_CONTAINER={0x68, 0x3, 0x0, 0x0, {{0x1, 0x0, 0x9}, "58b17a55b43da983e0d612aba9bccdefb3988482f238c05858c628a2b0f3073f197b87cf38faa69dab853580e394bf0dacfa0c365bcc03450fc9659cd07711ba58409a2c57c0add277bfcb976787cf7f9871f7461139f42431d0c70b"}}, @TCF_EM_NBYTE={0x14, 0x3, 0x0, 0x0, {{0x8001, 0x2, 0x1000}, {0x8, 0x2, 0x0, "e5f0"}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x3, 0x1, 0x80}, {0x66c7, 0xe000, 0xffff, 0x6, 0xc, 0x2}}}, @TCF_EM_META={0x5c, 0x3, 0x0, 0x0, {{0x5}, [@TCA_EM_META_RVALUE={0x1b, 0x3, [@TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="3293efb752bb45"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x400, 0x5}, {0x0, 0x1}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_RVALUE={0x13, 0x3, [@TCF_META_TYPE_VAR="e0d3ef87201f35184eec", @TCF_META_TYPE_VAR="408e797ee3"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x200, 0xba, 0x2}, {0x1, 0x1f}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3ff}}, @TCA_EMATCH_TREE_LIST={0x50, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0x4c, 0x1, 0x0, 0x0, {{0x101, 0x0, 0x8f}, "b16e7294ae309ee65a5ed355910e732822d9ac85e7321c68d08a3f7428da2997dad03ecc0a074135bcdf5624c42aaab09ad231e5699f497828cc76fa54"}}]}, @TCA_EMATCH_TREE_LIST={0x29c, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xc8, 0x3, 0x0, 0x0, {{0x20, 0x0, 0x3}, "ca6ed199837e5fdab26c2b17cff105259a248358139a75c2039e1c9e24fd9449a140ecb352f9fe0efdc28d45db7f5032dc0f72ea80e86818c686c735badaef4d0e3758c71de37c212813d2675fcbcda0f5fc078d64302178fbec9c26e9c46594dff749f209ce3220ce4185cd4f6c71e10bea342ccd9a2f33ae099ac8a5989849cc3ca8765d14892e5bdcc9fbd73acb4f029c598130334e99983187a1540ac365a843f8ad2b5cf281ee650dfec0b1913e2ed599ac2927d52932d69f"}}, @TCF_EM_META={0x5c, 0x2, 0x0, 0x0, {{0x5}, [@TCA_EM_META_RVALUE={0xb, 0x3, [@TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="c1c51f"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8, 0x9, 0x1}, {0x3, 0x0, 0x2}}}, @TCA_EM_META_LVALUE={0x29, 0x2, [@TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="acc35754f604c468", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="e2a1f8046b6016072d", @TCF_META_TYPE_VAR="f09ab50d2940", @TCF_META_TYPE_VAR="158da436aadf"]}, @TCA_EM_META_LVALUE={0xc, 0x2, [@TCF_META_TYPE_VAR="a8c1859860c0acdb"]}]}}, @TCF_EM_META={0xf8, 0x3, 0x0, 0x0, {{0x7ff, 0x4, 0x3}, [@TCA_EM_META_LVALUE={0xc, 0x2, [@TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x2]}, @TCA_EM_META_RVALUE={0x26, 0x3, [@TCF_META_TYPE_VAR="fe0bcfa4c8", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR=' ', @TCF_META_TYPE_VAR="49d58ddb905e56e9d271", @TCF_META_TYPE_VAR="26e5a3", @TCF_META_TYPE_VAR="8cbec2"]}, @TCA_EM_META_LVALUE={0x15, 0x2, [@TCF_META_TYPE_VAR="952cb27e29eef33b21", @TCF_META_TYPE_VAR="da8241c3986edb7d"]}, @TCA_EM_META_LVALUE={0x1a, 0x2, [@TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="7884", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x81, 0x9, 0x2}, {0x1, 0xd1, 0x2}}}, @TCA_EM_META_RVALUE={0x26, 0x3, [@TCF_META_TYPE_VAR="b1", @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="818423953f4cb204", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="9b84e0", @TCF_META_TYPE_VAR="6ec4bf0d96c6adf4", @TCF_META_TYPE_VAR="1c04ce6cf639", @TCF_META_TYPE_VAR, @TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_RVALUE={0xc, 0x3, [@TCF_META_TYPE_VAR="ecac6b412c7561e3"]}, @TCA_EM_META_LVALUE={0x37, 0x2, [@TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="33553c6a171855", @TCF_META_TYPE_VAR="400cd3d6b61d", @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_VAR="9fdcdb405e2f51f2acb3", @TCF_META_TYPE_VAR="fb76f3eeec4c17", @TCF_META_TYPE_VAR="fb", @TCF_META_TYPE_VAR="4a66966a", @TCF_META_TYPE_INT=0xa]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x3ff, 0x1f}, {0x401, 0x6}}}]}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x2, 0x7, 0xc2}, {{0x3}, {0x1, 0x1, 0x0, 0x1}}}}, @TCF_EM_META={0x30, 0x3, 0x0, 0x0, {{0x0, 0x4, 0x400}, [@TCA_EM_META_RVALUE={0x18, 0x3, [@TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="5b463395", @TCF_META_TYPE_VAR="2cd7f985"]}, @TCA_EM_META_LVALUE={0xc, 0x2, [@TCF_META_TYPE_VAR="ef0f2156", @TCF_META_TYPE_INT=0x2]}]}}, @TCF_EM_IPT={0x28, 0x2, 0x0, 0x0, {{0x100, 0x9, 0x67}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_MATCH_NAME={0xb, 0x2, 'policy\x00'}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x4}]}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x6, 0x8, 0x401}, {0x4, 0x5}}}]}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x19}, @TCA_RATE={0x6, 0x5, {0x20, 0x6}}, @filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0xc, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0xe0}]}}, @filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0xc, 0x2, [@TCA_RSVP_CLASSID={0x8, 0x1, {0x10, 0x9}}]}}]}, 0x1384}, 0x1, 0x0, 0x0, 0xc840}, 0x40) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:41:16 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x4001fc) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f0000000100)={0x5f7dff9, 0x10001, 0x8, 0x400}) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:41:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2570.176326] Bluetooth: Error in BCSP hdr checksum [ 2570.181390] Bluetooth: Error in BCSP hdr checksum [ 2570.199946] audit: type=1800 audit(1590777677.040:1083): pid=29454 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.4" name="file0" dev="sda1" ino=15940 res=0 [ 2570.249090] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2570.307767] audit: type=1804 audit(1590777677.070:1084): pid=29454 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir136762549/syzkaller.XFJfnY/504/file0" dev="sda1" ino=15940 res=1 18:41:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2570.387416] audit: type=1804 audit(1590777677.170:1085): pid=29445 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/714/file0" dev="loop0" ino=1 res=1 [ 2570.437033] Bluetooth: Error in BCSP hdr checksum [ 2570.444263] Bluetooth: Error in BCSP hdr checksum 18:41:17 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r2, 0x0, r1, 0x0, 0x20000038, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000080)=""/114) [ 2570.548794] minix_free_inode: bit 1 already cleared [ 2570.583166] Bluetooth: hci3: Frame reassembly failed (-84) [ 2570.696161] Bluetooth: Error in BCSP hdr checksum [ 2570.701231] Bluetooth: Error in BCSP hdr checksum [ 2570.717100] minix_free_inode: bit 1 already cleared [ 2570.956404] Bluetooth: Error in BCSP hdr checksum [ 2570.961891] Bluetooth: Error in BCSP hdr checksum 18:41:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'tunl0\x00', 0x800}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) read$snddsp(r4, &(0x7f00000000c0)=""/119, 0x77) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=""/56, &(0x7f0000000080)=0x38) 18:41:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2571.297188] Bluetooth: Unknown HCI packet type 5e [ 2571.302239] Bluetooth: Unknown HCI packet type 43 [ 2571.305921] Bluetooth: Unknown HCI packet type 00 [ 2571.325015] Bluetooth: Unknown HCI packet type 5e [ 2571.331180] Bluetooth: Unknown HCI packet type 50 [ 2571.346930] Bluetooth: Unknown HCI packet type 5e [ 2571.351923] Bluetooth: Unknown HCI packet type 40 18:41:18 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xffffffff00000000) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:41:18 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r2, 0x0, r1, 0x0, 0x20000038, 0x0) inotify_add_watch(r1, &(0x7f0000000280)='./file0\x00', 0x10) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = socket(0x28, 0x6, 0x81) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000100)=0x0, &(0x7f0000000180)=0x4) r5 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r5, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r5, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000980)=@newchain={0x65b4, 0x64, 0x1, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r4, {0x2, 0x8}, {0xb, 0x2}, {0xc, 0xc}}, [@filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0x434, 0x2, [@TCA_RSVP_DST={0x14, 0x2, @private1}, @TCA_RSVP_POLICE={0x41c, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x40, 0x40, 0x0, 0x8, 0x98, 0xffff, 0x9, 0x1000, 0x7, 0x0, 0x0, 0xfff, 0x9, 0x0, 0x18, 0xffffff94, 0x2, 0x80000000, 0x7, 0xb, 0x9, 0x5, 0x7, 0x0, 0x0, 0x3, 0x7, 0xb14, 0x80000000, 0x3, 0x6, 0xfffffffe, 0x8, 0x8000, 0x0, 0xf4, 0x9, 0x7e, 0xffffff8c, 0x7024, 0x7, 0x40, 0x81, 0x9, 0x3, 0x100, 0x1b2, 0x0, 0x7, 0x9, 0x80, 0x7fffffff, 0xfffff801, 0xa29, 0x9, 0x3, 0x6, 0x2, 0x8001, 0x9, 0xfed, 0xdd, 0x3b, 0x1, 0x1, 0x4, 0xa3, 0xc5, 0x7, 0x100, 0x7fff, 0x3, 0x2, 0x2, 0xfb, 0x5, 0x1, 0x310, 0x9, 0xfffff800, 0x4, 0x2, 0x3, 0x3, 0x7fff, 0x1fa, 0x3, 0x3cc105d, 0x80000000, 0x3f, 0x40, 0x20, 0x0, 0x1, 0x1, 0x40, 0x9, 0x7ff, 0x3, 0x1, 0x1, 0x5, 0x100, 0xfffffffc, 0x100, 0x5a, 0x0, 0x0, 0x9, 0x1, 0x0, 0x6, 0x8, 0x2, 0x9, 0x81, 0x3, 0xfffffff9, 0x3, 0x1000000, 0x0, 0x1000, 0x4, 0x7, 0x7, 0x8, 0xff, 0x7, 0x2f6, 0x100, 0x5474, 0x3, 0x5, 0x6, 0x6d, 0x3ad, 0x80000001, 0xca, 0x3, 0x3, 0xd1, 0x1ff, 0xfffffffd, 0xd2, 0x7fff, 0x81, 0x6, 0x81, 0x0, 0xbe1, 0x8001, 0x10, 0x800, 0x3, 0x7, 0xfffffff8, 0x8, 0x7, 0xffffff00, 0x3, 0x2, 0x1f, 0x7cfc, 0x1, 0x8000, 0x7, 0x7fff, 0x20, 0x0, 0xa7b, 0x4, 0xffff8001, 0x6, 0x4, 0x2, 0xd78, 0x6, 0x5, 0x3c1, 0x5, 0x9, 0x401, 0x4, 0x1, 0x4, 0xffff, 0x6, 0x4, 0x6, 0x1, 0xe8, 0x1, 0xce2, 0x1, 0x4, 0x10000, 0x7f, 0x20, 0x9, 0x9, 0xfffc0000, 0xa8, 0xfff, 0xfffffffe, 0x7, 0x2, 0x0, 0x7fffffff, 0x3, 0x80000001, 0x20080, 0x3f, 0x7fffffff, 0x0, 0x4, 0x401, 0xffff, 0x8001, 0x990, 0x2, 0x80000001, 0xfff, 0x15b5, 0x1, 0xfe1, 0x8, 0xfff, 0x10001, 0x5, 0x4e9, 0x541, 0x4, 0x0, 0xab42, 0x7, 0x0, 0x7, 0x1ff, 0x101, 0x7, 0x3f52b8bb, 0x1, 0x81, 0x0, 0xfffffffe, 0x4, 0x10000, 0x80, 0x7, 0x9, 0x8c9, 0x7, 0x5, 0x3]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x9}, @TCA_POLICE_RATE64={0xc, 0x8, 0x2}]}]}}, @filter_kind_options=@f_fw={{0x7, 0x1, 'fw\x00'}, {0x5124, 0x2, [@TCA_FW_POLICE={0x2c, 0x2, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x3f}, @TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RESULT={0x8, 0x5, 0x1f}]}, @TCA_FW_ACT={0x118, 0x4, [@m_tunnel_key={0x88, 0x10, 0x0, 0x0, {{0xf, 0x1, 'tunnel_key\x00'}, {0x44, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x8}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x153, 0x6, 0x7, 0x80000001, 0x5}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private2}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e23}]}, {0x18, 0x6, "144b9a8767b536d64e64fb2a2bb5659fc1fd6153"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_ct={0x8c, 0x4, 0x0, 0x0, {{0x7, 0x1, 'ct\x00'}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x6000000}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @private=0xa010102}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, {0x49, 0x6, "105e33eeedecb1be1ed5a656b72d0350b7ae6997853c535086509db16f8c491fa153dda46965766a9d6b557ca3e013c6b9ef956dd45e428ba47ccd9bf6b21bc2e78c208b47"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_FW_ACT={0x4a34, 0x4, [@m_pedit={0x4a30, 0x11, 0x0, 0x0, {{0xa, 0x1, 'pedit\x00'}, {0x492c, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xee0, 0x2, {{{0x8, 0x3, 0xfffffffffffffffd, 0xae3, 0x8}, 0x5, 0x6, [{0x6, 0x0, 0x9, 0x81, 0x20, 0x6cb0}, {0xff, 0x311a, 0xb, 0x7fffffff, 0xfffffff8, 0x1}, {0xfffffff8, 0x0, 0x9, 0xffffffff, 0x1, 0x1ff}, {0x8, 0x7, 0x0, 0x7, 0x52}, {0x3, 0x0, 0x2, 0x80, 0xfffffff8, 0x6}, {0x5, 0xffff, 0x9, 0x8, 0x400, 0x81}, {0xf8c, 0x9, 0x1e, 0x9, 0x9c0a, 0x1000}, {0xfffffff7, 0x28a9915, 0x7f, 0x0, 0x5, 0x7}]}, [{0x8, 0x1, 0x36, 0x3, 0x0, 0x8001}, {0x7, 0x8000, 0xd7, 0x1, 0x9, 0x5cf}, {0x0, 0x8, 0x7, 0x81, 0x89, 0x9}, {0x1, 0x3, 0x3000, 0x0, 0x1, 0xff}, {0x9, 0xfffffffc, 0x9, 0x5, 0xff}, {0x2, 0x10001, 0xff89, 0x10001, 0x0, 0xfffffffe}, {0x3ae, 0xe1, 0x100, 0x3f, 0x4, 0x80}, {0x7f, 0x3f, 0x8, 0x3, 0x8, 0x7}, {0x6, 0x4ce, 0x0, 0x1ff, 0x20}, {0x1, 0xfffffdb1, 0x4, 0x7, 0x7f, 0x1ff}, {0x2442, 0xa774, 0x3ff, 0x61, 0x2, 0x3}, {0xf50, 0x8, 0x5, 0x8, 0x7, 0x1454}, {0x8, 0x3, 0x1, 0x5, 0x8, 0x9}, {0x7f, 0xb99, 0x3, 0xa7, 0xfe, 0x5}, {0x1f, 0x1, 0x3, 0xf4, 0x8, 0x7}, {0x0, 0x608, 0xc5, 0x0, 0x2ba, 0x1}, {0x7, 0x3, 0x9, 0x1, 0xfffffffd, 0xfffffc00}, {0x4, 0x1, 0x5, 0x2, 0x0, 0x280000}, {0x6, 0x2, 0x10000, 0x10000, 0xf9a3, 0xd5}, {0x10000, 0x400, 0x9, 0x1, 0x4, 0x2}, {0x3c, 0x10001, 0xfffffffc, 0x8001, 0x4, 0x7ff}, {0x7, 0x401, 0x8, 0x800, 0x5, 0x80000001}, {0x5d2, 0x7959, 0x400, 0x2, 0x10000, 0x9}, {0x80000000, 0x7, 0x2000000, 0x8, 0x1, 0x4}, {0x40, 0x2, 0x2f36c109, 0x1000, 0x1, 0x9ef5}, {0x9, 0x80000000, 0x6, 0x7ff, 0x4, 0x8}, {0x3ff, 0x4, 0x5, 0x0, 0x6c6, 0x1000}, {0x1, 0x0, 0x8000, 0x0, 0xffff, 0x9}, {0xffff8000, 0x0, 0x1, 0x1000, 0x9, 0x2}, {0x3, 0x9, 0x1, 0x0, 0x1, 0x400}, {0x7, 0x5, 0x8, 0x8, 0x135, 0x20}, {0x8000, 0x2008, 0x81, 0xffffffff, 0x7f, 0x5}, {0x80, 0xea1e, 0x0, 0x4, 0x5, 0x5a}, {0x401, 0x8, 0x8, 0x4, 0x7, 0xffff}, {0x0, 0x984a, 0x80000000, 0x20, 0x1000, 0x8001}, {0x67fb, 0xfffffffa, 0x5d7, 0x0, 0xffff, 0x4}, {0x9, 0x1, 0xfff, 0x2, 0x3506, 0x6}, {0x9, 0x5, 0x2, 0x1000, 0x2, 0x101}, {0x7ff, 0xc16, 0x2, 0x1, 0x5644e78a, 0xbcd}, {0x10000, 0x63e3b203, 0x844a, 0x8, 0x8, 0x5}, {0x1, 0x0, 0x20, 0xff, 0x5, 0x413}, {0x80000000, 0x4, 0x1f, 0x4, 0x101, 0x10001}, {0xfffffff9, 0x9, 0x2, 0x6, 0x80000001, 0xf48}, {0x0, 0xe398, 0xfff, 0x8685, 0x8, 0x80000000}, {0x3, 0x7, 0x6, 0x7, 0x8, 0x8}, {0x7ff, 0xd1, 0x10001, 0x374, 0x7, 0x2}, {0x81, 0xfffffffd, 0x0, 0x8a, 0x4, 0x6}, {0xe9, 0x1, 0x5, 0xffffffff, 0x1, 0x100}, {0x9, 0x2, 0x400, 0x3, 0xff, 0xffff}, {0x200, 0x3ff, 0x9, 0x5, 0xfffffffb, 0x4}, {0x7fff, 0x54e, 0xffffffe1, 0x8001, 0x4, 0x947}, {0x4, 0x80000001, 0x6, 0x7ff, 0xffffff80, 0xffffffff}, {0x2e8c, 0xfffffffb, 0x8, 0x2, 0x401, 0x2}, {0x50, 0x20000, 0x5, 0x401, 0x80000000, 0x80}, {0x6, 0x1, 0x7, 0x5, 0x9, 0x100}, {0x80, 0x7, 0x5, 0xc0b, 0x101, 0xffff}, {0x6, 0x7, 0x7fff, 0x8001, 0x5, 0xfffffc00}, {0xfffffffc, 0x1, 0x4, 0x388aeafa, 0x1000, 0x3d5b}, {0xc8, 0xffff, 0x758, 0xffffffe1, 0x9, 0x175}, {0x800, 0x6, 0x72a, 0x2, 0x4800000, 0x9}, {0x1, 0x4000000, 0x5, 0x4, 0x8, 0x2}, {0xffff7b82, 0x7, 0x7, 0x7, 0x8, 0x93d}, {0xfff, 0x7, 0x400, 0x3, 0x3f, 0xfffffeff}, {0x2, 0x5, 0x1, 0x380000, 0xbb, 0x401}, {0xda, 0x80000001, 0x4, 0x800, 0x81, 0xffffff7f}, {0x5, 0x5, 0x100, 0x1, 0x80200000, 0x2}, {0x3, 0x4, 0x4, 0xffffffff, 0x3ff, 0xc1d7}, {0x4, 0x5, 0x0, 0x0, 0x12, 0x7}, {0x8, 0x7, 0x4, 0x7, 0x0, 0x1ff}, {0x1, 0x3f, 0x1f, 0xca9a, 0x7fffffff, 0x6}, {0x5, 0x0, 0x5, 0x3, 0x754}, {0xed0c, 0xc70e, 0x5, 0x3, 0x7fffffff, 0x4}, {0x40, 0x966, 0x0, 0xffffffff, 0x434, 0x6}, {0x8000000, 0x394, 0x40, 0x200, 0x9, 0xbe}, {0x71d, 0x1, 0x2, 0x163, 0x40000000, 0x9}, {0xff, 0x1, 0x3f, 0x0, 0x4, 0x5e}, {0x5, 0x20, 0x10000, 0x2, 0x81, 0x4}, {0xf8, 0x2, 0x7f, 0xd80, 0x3, 0x30}, {0xd2e2, 0x400, 0x80000001, 0x7ff, 0xfff, 0x8001}, {0xfffffffd, 0x9, 0x8, 0x4, 0x100, 0x5}, {0x23, 0xffff, 0x7, 0x0, 0x4, 0x10000}, {0x4, 0x7, 0x8000, 0x0, 0x80000001, 0x401}, {0xffff, 0xffffffff, 0x640, 0x200, 0x100, 0x7}, {0x8, 0x508d40c4, 0x3, 0xd40, 0x7, 0xfffffff7}, {0x5, 0x20, 0x0, 0x8, 0x401, 0x20}, {0x2, 0xff, 0x7, 0x3, 0x2, 0x5}, {0x6, 0x0, 0x2, 0x2, 0x9, 0x3}, {0x0, 0x5, 0x7, 0x5, 0x3, 0x200}, {0xe6, 0x81, 0x1, 0x3, 0xffff83ca, 0x81}, {0x7ff, 0x6, 0x3, 0x0, 0xffff4271, 0x40}, {0x224d, 0x3, 0x94, 0x7, 0x20, 0x7fff}, {0x1f, 0x8001, 0xffffffff, 0x32b, 0x1, 0xfffffd56}, {0x81, 0x5, 0x100, 0x5, 0x0, 0x662}, {0x40, 0x1000, 0xff, 0x10000, 0x401, 0x1}, {0x80000000, 0x4, 0x80, 0xffff, 0xffffff81, 0x81}, {0x6, 0x800, 0x1, 0x1, 0x2, 0x400}, {0x10001, 0x1, 0x9861, 0x40, 0x9, 0x5}, {0x2, 0x499, 0x57c, 0x800, 0x4, 0x6}, {0xffffff80, 0x8, 0x400, 0x8, 0x80000001, 0x7}, {0x320, 0x49c8, 0x9f, 0x9, 0xe53fcdc, 0xfff}, {0x7, 0x0, 0x746, 0x8, 0xf4f, 0x8}, {0x3, 0x4205, 0x5, 0x6, 0x7fffffff, 0xc6f}, {0x3, 0x8, 0x0, 0x2c92, 0x5, 0x8}, {0x4, 0x796, 0x3, 0x2, 0x6, 0xb7}, {0xaa000000, 0x3, 0x7ff, 0x0, 0x8, 0x3}, {0x6, 0x5, 0xffffffff, 0x2, 0x8, 0xfc}, {0x8, 0x7, 0x7, 0xffff1a03, 0xc88, 0x8}, {0xfffffff9, 0x1f, 0x7, 0x9, 0x7, 0x5}, {0x6, 0x7, 0x8, 0x7, 0x1, 0x40}, {0x7, 0x9, 0x2, 0xdbc9, 0x9, 0xb5e6}, {0xffffffff, 0x2, 0xcd, 0x100, 0x3, 0x58}, {0x14, 0x2, 0x7fffffff, 0x5, 0x0, 0xfffffffb}, {0x0, 0x400, 0x3, 0x200, 0x100, 0x10000}, {0x4, 0x1c800000, 0x7, 0x2, 0x20, 0x10000}, {0x8000, 0x7, 0x4, 0x401, 0x7fff, 0x9}, {0x9, 0x7f, 0x80000001, 0x8, 0x9, 0x9}, {0x3, 0x5, 0x8020, 0x2, 0x5, 0x2}, {0x8, 0x4, 0x3d5, 0x0, 0x100, 0x1}, {0x9, 0x0, 0x2, 0x5, 0x4, 0x1}, {0x101, 0x2, 0x4, 0x7, 0x6, 0xff}, {0x7, 0x9, 0x400, 0x97b5, 0xfffff000, 0x6}, {0x5, 0xfffff4a7, 0xf99, 0x7, 0xfffffc01, 0x5}, {0x6, 0x9, 0xe87, 0xdb, 0x5, 0x7f}, {0x3, 0x7, 0x7f, 0x1000, 0x9, 0x7ff}, {0x3, 0xbe, 0x8, 0x7, 0xb6, 0x1}, {0x1, 0xfab, 0x0, 0x1, 0x7fa2, 0x800}, {0x8, 0x1ff, 0x7fffffff, 0x10000, 0x3, 0x1}, {0x8000, 0x2, 0x9, 0x0, 0xff, 0xffffffff}], [{0x5}, {0x1, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x1}, {0x4, 0x1}, {0x5}, {0x1, 0x1}, {0x0, 0x1}, {0x4}, {0x5, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x5}, {0x3, 0x1}, {0x6, 0x1}, {0x4}, {0x4, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x4}, {0x5, 0x1}, {}, {0x0, 0x1}, {0x4}, {0x0, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {}, {0x0, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x2}, {0x2, 0x1}, {0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x3}, {0x5}, {0x0, 0x1}, {0x3, 0x1}, {0x1}, {0x4}, {0x0, 0x1}, {0x1, 0x1}, {0x5}, {}, {0x0, 0x1}, {0x2, 0x1}, {0x4}, {0x2}, {0x3, 0x1}, {0x2}, {0xa, 0x1}, {0x0, 0x1}, {0x5}, {0x2}, {0x6, 0x1}, {0x2}, {0x1, 0x1}, {0x4, 0x1}, {0x1}, {0x0, 0x1}, {0x1}, {0x4}, {0x2}, {0x1, 0x1}, {0x2, 0x1}, {0x2}, {}, {0x1}, {0x4, 0x1}, {0x3, 0x1}, {}, {0x4, 0x1}, {0x3, 0x1}, {0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x5}, {0x1}, {0x0, 0x1}, {0x2}, {0x4, 0x1}, {0x2}, {0x3}, {0x3, 0x1}, {0x1}, {0x4}, {}, {}, {0x0, 0x1}, {0x1, 0x1}, {0x2}, {0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x5}, {0x3}, {0x2}, {0x3, 0x1}, {0x0, 0x1}, {0x2}, {0x5}, {0x4, 0x1}, {0x9d5b5c6ab9bdd566}, {0x1}, {0x6}, {0x2, 0x1}, {0x4, 0x1}, {0x3}, {0x5}, {0x5, 0x1}, {0x4}, {0x2, 0x1}, {0x5}, {0x2}]}}, @TCA_PEDIT_PARMS={0xec8, 0x2, {{{0x38000000, 0x1, 0x10000000, 0x2, 0x100}, 0xff, 0x6, [{0x4, 0x1000, 0xfffffff8, 0x3, 0x0, 0xd02}, {0x6, 0x4b8, 0x3ff, 0xf9, 0xff, 0x400}, {0xffff, 0x100000, 0x0, 0x101, 0x0, 0x81}, {0xfffffffd, 0x8, 0x1, 0x6, 0x3ff, 0x5}, {0x709, 0x69, 0xdc, 0x3, 0x7644, 0x8}, {0x5, 0x9, 0x1ff, 0x7, 0x8, 0x6}, {0x1, 0x8, 0x6, 0x8000, 0x0, 0x2}]}, [{0x0, 0x1, 0x78, 0x4, 0x4, 0xf7}, {0x5fcbdac4, 0x8, 0x9, 0x1, 0x4}, {0x1, 0x7fff, 0x4, 0x2, 0x200, 0xffffffff}, {0x2, 0x200, 0x9, 0x7, 0x7, 0x9}, {0x2, 0x1, 0x40, 0xae, 0x1f000, 0xfb8}, {0x7fffffff, 0x7, 0x81, 0x3, 0x5, 0x7}, {0x3, 0x16, 0x9, 0xf9, 0xfe000000}, {0x6, 0x80000001, 0x7f, 0x5, 0x3ff, 0x3}, {0x5, 0xef, 0x8000, 0x8, 0x5, 0x3c}, {0x40000, 0x1f, 0xbe8e, 0x2, 0x800, 0x7}, {0x6, 0x800, 0xaa, 0x0, 0x1, 0x9}, {0x2000000, 0x7f, 0x1, 0xaf, 0x10001, 0x83}, {0x3, 0xae39, 0x2, 0x6, 0x61, 0xbbb5}, {0xfffffff9, 0x1e2, 0x4, 0x4b649abf, 0x7ff, 0x5}, {0x6, 0x2, 0x6, 0x5, 0x507, 0xb94}, {0x8000, 0x9, 0x3f, 0x401, 0x6, 0xcf}, {0xc7, 0x7, 0x9, 0x0, 0x401, 0xc744}, {0x8001, 0x8000, 0x1, 0xfff, 0x7eb, 0x5}, {0x3, 0x81, 0x4, 0x6, 0x9, 0x9}, {0x80000000, 0x80, 0x5, 0x80000001, 0x80, 0x3}, {0x7, 0x6, 0x0, 0xffff10b0, 0x3, 0x7}, {0x6, 0x3, 0x66, 0x7, 0x6, 0x7}, {0x5c, 0xff, 0x1, 0x78b, 0xcb60, 0x80000000}, {0x3, 0x3, 0x101, 0x9, 0x4, 0x5}, {0x100, 0x8bc, 0x3b91, 0x6, 0x6, 0xff}, {0x1, 0xc10, 0x1, 0x5, 0x6, 0x1c00000}, {0x6, 0x9, 0x27, 0x2, 0x3ff, 0x7}, {0xff, 0x42, 0x2, 0x867, 0xac6, 0xfffffffc}, {0x2471d41c, 0x7539, 0x7, 0x7, 0x0, 0x7336}, {0x1, 0x4, 0x101, 0x7}, {0x200, 0x4, 0x800, 0x1, 0x1f, 0x3}, {0x2, 0x7, 0x80000000, 0x81, 0x9, 0x20}, {0x20000, 0x1ff, 0x7, 0xfff, 0x3f, 0x7ff}, {0xc, 0x9, 0xffff, 0xffff, 0x0, 0x517d733b}, {0x1, 0x3, 0x4, 0x1000, 0x0, 0x341d}, {0x844, 0x8000, 0x7, 0x95, 0x6, 0x7ff}, {0x5, 0x1, 0xed, 0x1c4c3f26, 0x778294fc, 0x80000001}, {0x83, 0xffff, 0x8001, 0x267e, 0x5, 0xd0f5}, {0x2eb1, 0xfff, 0x7, 0x6, 0x6, 0x180}, {0x0, 0x2, 0x11e, 0x80, 0x7fe, 0x2}, {0x805, 0x6ad, 0x0, 0x35, 0x400, 0x8fd2}, {0x0, 0x9, 0x9, 0xaaaa, 0x400, 0xbecb}, {0x2, 0x400, 0x800, 0x0, 0xa49}, {0x200, 0x1, 0x1, 0x5, 0x3, 0x892c}, {0x80000000, 0x7, 0x2, 0x7, 0x2, 0x7f}, {0xb9, 0xa5, 0x8, 0x80000001, 0x6, 0x7}, {0x15, 0x7, 0x1, 0x4, 0xfffffffa, 0x5}, {0x8000, 0x1, 0x6, 0x0, 0x8}, {0x7ff, 0x1, 0x8, 0x9, 0x8, 0xb47f}, {0x1000, 0xfff, 0x0, 0x20, 0x4, 0x6}, {0x5, 0x9, 0x2, 0x800, 0xc7b5, 0xae3}, {0x0, 0x3, 0x3, 0xfffffff7, 0xbb, 0xfffffff9}, {0xc89f, 0x7fff, 0x2, 0x3, 0x0, 0x2}, {0x8, 0x1, 0xffffffff, 0x8001, 0x543, 0x3}, {0x6, 0x6, 0x7, 0x100, 0x8, 0x10001}, {0x0, 0x4, 0x100, 0xfff, 0x0, 0x9}, {0x5, 0xfff, 0x5, 0xa000, 0x4, 0x7}, {0x3, 0xa5, 0x23, 0x5, 0xb44, 0x6}, {0x8, 0x3, 0x9, 0x7, 0xfffffff9}, {0x800, 0x2, 0x5, 0x6, 0x4, 0x6}, {0x1ff00, 0x4, 0x0, 0x7, 0xff, 0x10001}, {0x6, 0x81, 0x0, 0x5, 0x200, 0x2}, {0xffff0001, 0x1f, 0x10000, 0x80, 0x1000}, {0x6cb, 0x9, 0xbe4cd000, 0x2, 0x4, 0xa5}, {0xe84, 0x10000, 0x3, 0x1, 0x7, 0x1}, {0x1, 0x0, 0x8000, 0x7ff, 0x6, 0x80000001}, {0x58a0a446, 0x5, 0x0, 0xffffffff, 0x80, 0x20}, {0x9, 0x2, 0x9, 0x200, 0x9, 0xffffffc0}, {0x800, 0x40, 0x7, 0x1, 0x2, 0x4}, {0x7, 0x4, 0x9, 0x567d, 0x5, 0x5}, {0x5, 0x0, 0x0, 0x3, 0x5, 0x2}, {0x7f, 0x9, 0x2, 0x401, 0x101, 0xffffff00}, {0x1, 0x1, 0xfffffff8, 0xffffffff, 0x4, 0x6}, {0x81, 0x5, 0x40000000, 0x64, 0x80, 0xfffffffa}, {0x6, 0x6ef, 0x80000000, 0x80, 0x1, 0x355}, {0x1, 0xff, 0x2, 0x4, 0x1f, 0x2}, {0x7, 0xfffff2e9, 0x6, 0x6, 0xfffffffb, 0xffffffff}, {0x3ff, 0x6, 0x9, 0x1, 0x40000000, 0x3}, {0xffffffff, 0x37e, 0x2c0, 0xf815, 0xd5f6}, {0x80, 0x4, 0x3, 0x9, 0xc9c, 0x389}, {0x7, 0x1, 0x6, 0x1f, 0x3, 0xffffffff}, {0xfff, 0x6, 0xdd, 0x7f, 0x6, 0x1}, {0x7fff, 0x20, 0x10001, 0x100, 0x9, 0x8}, {0x7, 0x4, 0x80a, 0x5, 0x5, 0x3}, {0x100, 0x2, 0x8, 0x8001, 0xda0b, 0x100}, {0x6, 0x8, 0x10, 0xf1, 0x0, 0x90000000}, {0x9, 0x6, 0x4, 0xfffffffe, 0x1, 0xb18e}, {0x7, 0x513, 0x8, 0x8ed9, 0xfff, 0x4}, {0x7, 0x8, 0x81, 0x8, 0xff, 0x7fffffff}, {0xa781, 0x400, 0x2, 0x1, 0x1000, 0xfff}, {0x3, 0xff, 0x6, 0x101, 0x9, 0xc45}, {0x8, 0x5, 0x3, 0x0, 0x80000000, 0x20}, {0x4, 0x4, 0x5, 0x1, 0x0, 0x1}, {0x1, 0x8, 0x66cca7f9, 0x5, 0x3, 0x1}, {0xdfc, 0x2a880aaa, 0x4, 0x8001, 0x1, 0x9}, {0x1ff, 0x34, 0x80000001, 0xb7, 0xc0d, 0x200}, {0x80, 0x3f93f425, 0x1000, 0x1, 0x10000, 0x3}, {0x10001, 0x5, 0x3, 0x0, 0x10000, 0x3f}, {0x8, 0x6, 0x7fff, 0x9, 0x80f, 0xd6}, {0x8001, 0x7, 0x2, 0xff, 0x0, 0x8}, {0x961, 0x10001, 0x1, 0xbcab, 0x1, 0x9}, {0x3, 0x5e43, 0x1, 0x3ff, 0x5, 0x40}, {0x9, 0x6, 0x9, 0x6, 0x0, 0x7}, {0x7, 0x8, 0x7, 0x1, 0x0, 0x80000001}, {0xaec, 0xcccb, 0xfa4, 0x3, 0xdf65, 0x7}, {0x7fff, 0xbabea07, 0x400, 0x20, 0x5, 0x7}, {0x1, 0x101, 0x5, 0x8, 0x9}, {0xff, 0x27c7, 0x200, 0x2, 0x4, 0x5d3c}, {0x61f6, 0x80, 0x7, 0xfff, 0x20, 0x3}, {0x10b20, 0x2, 0x9, 0x10001, 0x80000001, 0x9}, {0x6, 0xb60, 0x40, 0x1, 0x1, 0x4}, {0x1, 0x7, 0xffffffee, 0x1, 0x401, 0x10001}, {0x80000001, 0x80000000, 0x0, 0xff, 0xa1, 0x1a5}, {0x7, 0x81, 0x55, 0x6, 0x100, 0x9}, {0x8, 0x8, 0x0, 0x786, 0x8001, 0x97}, {0x7f, 0x400, 0x3f, 0xad2e, 0x90f, 0x4}, {0xc195, 0x5, 0x10000, 0x0, 0x100}, {0x2, 0x0, 0x8, 0x101, 0x68e, 0x8}, {0x90a9, 0x9, 0x2, 0x7, 0x7, 0x763c}, {0x4, 0x5, 0x6, 0x4, 0x3ff, 0x81}, {0x3, 0x7, 0x0, 0xce, 0x7fff, 0xffffffff}, {0x7, 0x7bfb, 0xfffff000, 0xffffffff, 0x4, 0x1}, {0x5, 0x4, 0x21, 0x8, 0xe, 0x9}, {0xdf2a, 0x6, 0x4, 0x82052d6, 0x5, 0x1fb2}, {0x7, 0x0, 0x4ba, 0x0, 0xff, 0x2}, {0x8001, 0x1, 0x2, 0x100, 0x200, 0x80000000}, {0x0, 0xf570, 0x9, 0xbbb1, 0x1800000}, {0x10, 0x7, 0x80000001, 0x5e0, 0x5, 0xff}], [{0x2, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x5}, {0x5, 0x1}, {0x2}, {0x3, 0x1}, {0x1}, {0x1}, {0x3}, {}, {0x3, 0x1}, {0x5}, {0x3, 0x1}, {0x0, 0x1}, {0x2}, {0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x3}, {0x1, 0x1}, {0x4}, {0x5, 0x1}, {0x5eda68b4af036046}, {0xe965e7cb1fba3a75}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x3}, {0x2, 0x1}, {0x3}, {0x3, 0x1}, {0x4}, {}, {0x0, 0x1}, {}, {}, {0x5}, {0x3}, {0x3, 0x1}, {0x4, 0x1}, {}, {}, {0x5, 0x1}, {0x2, 0x1}, {0x7, 0x1}, {0x2, 0x1}, {0x5}, {}, {0x1, 0x1}, {0x1, 0x1}, {0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x5}, {0x1, 0x1}, {}, {0x2, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x3}, {0x3}, {0x1}, {}, {0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x5}, {0x2}, {0x1}, {}, {0x1}, {0x4}, {0x3, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x2}, {0x3, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {0x3}, {0x3}, {0x1, 0x1}, {0x4}, {0x5, 0x1}, {}, {0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x5, 0x1}, {0x6, 0x1}, {0x5, 0x1}, {}, {0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x5}, {0x5, 0x1}, {0x5}, {0x5, 0x1}, {0x1, 0x1}, {0x2}, {0x4}, {0x4, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x3}, {0x2, 0x1}, {0x3}, {0x4, 0x1}]}}, @TCA_PEDIT_PARMS_EX={0xe80, 0x4, {{{0x5, 0x3692, 0x8, 0x3, 0x1}, 0x6, 0xff, [{0xee, 0x2, 0x2, 0x5, 0xfffffffa, 0x8001}, {0x3, 0xffffa51b, 0x5, 0x5, 0x8001, 0x262}, {0x101, 0x7, 0x3, 0x3, 0x0, 0x9}, {0x8, 0x4, 0x7ff, 0x3, 0x4}]}, [{0x4, 0x7, 0x5, 0x2b, 0x1, 0x56a}, {0xe4ad, 0x8, 0x7, 0x6, 0x3, 0x8}, {0x0, 0xc036, 0x9, 0x9, 0x4, 0xfff}, {0x3, 0x1, 0x7, 0x7, 0x164d, 0x5}, {0x1, 0x9700, 0x826, 0x9, 0x401, 0x1}, {0x2, 0x10000000, 0x7fff, 0xff, 0x200, 0x1ff}, {0x8, 0x3, 0x3, 0x1ff, 0x7fffffff, 0xffff12b0}, {0x6, 0xcc, 0x400, 0x7598e97b, 0x0, 0x5}, {0xfffffffc, 0x7fff, 0x2, 0xfffffffb, 0xffff, 0x6}, {0x1ca5, 0x5, 0x40, 0x0, 0x8eff, 0x6}, {0x9, 0x2, 0x10000, 0xff, 0x210e26b8, 0xfffffffa}, {0x2, 0x8, 0x4, 0x1, 0x7, 0x7}, {0xfd5, 0x8, 0x7fffffff, 0x5, 0x9}, {0xfffffeff, 0x8, 0x10000, 0xfffffffa, 0x1ff, 0x89cb}, {0x9f, 0x3, 0x9, 0x81, 0x8, 0xb2}, {0x66, 0x3f, 0xd3, 0x2, 0x9, 0x9}, {0x800, 0x6ba, 0x5, 0xfffff800, 0x10001, 0x2}, {0x7, 0x10000, 0x0, 0x20, 0x0, 0x800}, {0x40, 0x5, 0x0, 0x1, 0x5, 0x92ab}, {0x80000000, 0xfff, 0x9, 0x7fff, 0x1ff, 0x9}, {0x200, 0xc014, 0x1f, 0x8, 0x3, 0x4}, {0x41, 0x1f, 0x7f, 0x1000, 0x4, 0x377}, {0x0, 0x5, 0x5, 0x1, 0x7ff, 0x80000000}, {0x8, 0x10001, 0xcb, 0x1, 0x4c3, 0x3955}, {0x1, 0x6, 0x0, 0x9, 0x5048a578, 0x3}, {0x407e, 0x1a3, 0x1, 0x393, 0x1f, 0x1}, {0xffffffc1, 0x3, 0x2, 0x6, 0x6, 0x1f000000}, {0x5, 0x2, 0x7, 0x6, 0x6, 0x8}, {0x0, 0x6, 0x1000, 0x10001, 0x7, 0x9}, {0x3f, 0xafd0, 0x8, 0x7, 0xd6, 0x401}, {0x3, 0x1000, 0x7, 0x4, 0xfc, 0x3}, {0x8, 0x1, 0x7, 0x2, 0x4, 0x1}, {0x40, 0x4, 0x34e0, 0x5, 0xffff, 0x1}, {0x3, 0x4, 0x1, 0x5, 0x0, 0x10000}, {0x80000001, 0x5, 0x1, 0x8, 0x10000, 0xffffffff}, {0x3, 0x9, 0x0, 0x22, 0x4, 0x2}, {0x7, 0x54e, 0x1, 0x1, 0x7, 0x8001}, {0xe0d, 0x2fd5, 0x9, 0x5, 0x9, 0x643}, {0x0, 0x8, 0x8, 0x6, 0x1, 0x2c7}, {0x2, 0x6, 0x3, 0x7, 0x0, 0x3ff}, {0x20, 0x3, 0x291, 0x67cc, 0xffffff37}, {0x5, 0x1, 0x246e, 0x0, 0x80000001, 0x4}, {0x7fff, 0x9, 0x3, 0x200, 0x1, 0x4}, {0x8, 0x0, 0x4, 0x1ff, 0x7fffffff, 0x1ff}, {0x451d87bd, 0x7, 0x6c, 0x800, 0x1, 0x3ff}, {0x100, 0x8, 0x5, 0x1f, 0x6, 0xff000000}, {0x9, 0xd43d, 0x0, 0xfffffffb, 0x5, 0xfff}, {0x7, 0x4, 0xb5, 0xffffb1bf, 0x80000001, 0x6}, {0x3, 0xb7, 0x7, 0xb599, 0x10000, 0x9}, {0x9, 0x278f, 0xffff, 0x7fff, 0x0, 0x3}, {0x98, 0xfffff0ff, 0x167b, 0x401, 0xc0, 0x7}, {0x0, 0x91, 0x4, 0x3, 0x3, 0x1}, {0x4, 0x401, 0x8001, 0x8, 0x1, 0x8}, {0x1, 0x5, 0xe987, 0x4e2, 0x8, 0x4}, {0x81, 0x8bb, 0x4, 0x5, 0xe3d, 0x101}, {0x37b, 0xfffffaf7, 0xe2, 0x80000000, 0x2, 0x5ac}, {0x8000, 0x100, 0x80, 0x0, 0x1, 0x5}, {0x150d, 0x8, 0x3, 0x7, 0x100, 0x2}, {0x3, 0x1, 0xb837, 0x6, 0x4, 0x8001}, {0x8, 0x20, 0x8, 0x0, 0x1f, 0x80000001}, {0x6, 0x3f, 0x3ff, 0xadf, 0xc047, 0x3}, {0x6, 0x4, 0x6, 0x3, 0x2}, {0x41, 0x1, 0x1f, 0x899, 0x50e, 0x40}, {0x6, 0x1, 0x0, 0x4aa, 0x200, 0x3ff}, {0x5, 0x2, 0x1, 0x3, 0x66a0251c, 0x9}, {0x5, 0x0, 0xffffffff, 0x8000, 0x5, 0x4}, {0x7ff, 0x0, 0x36c, 0x855, 0x8001, 0x2}, {0xffffff74, 0x6c381382, 0x2, 0xffffffc1, 0x7fff, 0x100}, {0x8, 0x1, 0x7, 0xffff902c, 0x5a9, 0x7e5}, {0x8001, 0x100, 0x7, 0x7, 0x3, 0x2}, {0xfffffff9, 0x10000, 0x8, 0x1000, 0x3, 0x1}, {0x6, 0x7fff, 0x4, 0x1, 0x6, 0xfffff30c}, {0x8000, 0x0, 0x10001, 0xf5a5, 0x6, 0xfffffff7}, {0x3, 0x2, 0x6, 0x401, 0x1, 0xffff}, {0x9, 0x3, 0x6, 0x7, 0x100, 0x2}, {0xeae7, 0x1, 0xeb01, 0x49d, 0x8001, 0x551}, {0x85f4, 0x1, 0x3, 0x81, 0x400, 0x5}, {0x4, 0x239c, 0x7, 0x1cb7, 0x9, 0xffff}, {0x7, 0x4, 0x9, 0x2, 0x401, 0x6}, {0x80000001, 0x4, 0x3, 0x3, 0x0, 0xffff2b34}, {0x9, 0x1, 0x81, 0x7ff, 0xfffffbff, 0x4}, {0x0, 0x28000000, 0x18463675, 0x3, 0x9637, 0xfff}, {0x7, 0x4, 0x80, 0x401, 0x1, 0x4f10}, {0x9, 0xc0e3, 0x0, 0x1, 0x8, 0x8}, {0xf3, 0x3, 0x40, 0x2be, 0x890, 0x7}, {0x7, 0x201f5292, 0x5, 0xfffffffd, 0x30, 0x1}, {0x8, 0x2, 0x3, 0x759, 0x2, 0x7fffffff}, {0x9, 0x1, 0x2, 0x80000000, 0x7, 0xff}, {0x2, 0xfffffff8, 0x10001, 0x0, 0x8, 0x180000}, {0x7, 0x5fd, 0x7ff, 0x1, 0x20, 0x77c}, {0xff80, 0x68, 0x0, 0x1000, 0x8001, 0x5}, {0x2, 0x7, 0x0, 0x20, 0x9, 0x4}, {0x7fffffff, 0x4, 0x4, 0xd4c, 0x400, 0x2}, {0x401, 0x1, 0x1d, 0x3, 0xffffffff, 0x800}, {0xc5c, 0xb9ed, 0xfffeffff, 0x3, 0x49, 0xffffffff}, {0x2, 0x7, 0x3ff, 0x90000, 0x4, 0x100}, {0x5, 0x7, 0x6, 0x8001, 0x80000001, 0x4}, {0xaf, 0xfff, 0x0, 0x8, 0x5, 0x3f}, {0xb39, 0xfff, 0x8, 0x81, 0x3, 0x3f}, {0x1ff, 0x2, 0x9, 0xffff, 0xab6a, 0x80000000}, {0x7f, 0x0, 0x5, 0x9, 0x1, 0x3}, {0xb2c, 0x3f, 0x800, 0x1, 0xd09, 0x289}, {0x2, 0xcc, 0x101, 0x800, 0x6}, {0x3, 0x1, 0x7, 0x13a, 0x3ff}, {0x7, 0x2, 0x60000000, 0x3, 0x80, 0x8d4}, {0x7, 0x0, 0x6, 0x5, 0x6}, {0x80000001, 0x8, 0x80000001, 0x28, 0x3ff, 0x80000000}, {0xfffffffd, 0x0, 0x1, 0x8000, 0x800, 0x3}, {0x4, 0x0, 0xfff, 0x5, 0x7, 0x3f}, {0x6, 0x8, 0x487cabbe, 0x8000, 0x9, 0x21d5}, {0x18, 0x7f, 0x7d68, 0x8, 0xfffeffff, 0x2}, {0x5, 0x7f, 0x6, 0x800, 0x7ff, 0xa93e}, {0x28b, 0x2, 0x8, 0x40, 0xb98e, 0xbf64}, {0x6, 0x7a, 0x80, 0x3, 0xfff, 0x3}, {0x28, 0x0, 0x8b74, 0x4, 0x24e, 0x20}, {0x80000001, 0xb6, 0x20, 0x3, 0x1, 0x7}, {0x4, 0xfffffffb, 0x7fffffff, 0x8, 0x9, 0xff80}, {0x80000001, 0x5, 0x5, 0x5, 0x0, 0x6}, {0x40, 0x7, 0x1, 0x3, 0x7, 0x2}, {0x8, 0x74, 0x101, 0x8, 0xfffffff9, 0xd9}, {0xf9, 0x1, 0x8, 0xffff8001, 0xa13, 0x512}, {0x7fff, 0xbc, 0x1, 0x8ea, 0x5, 0x3}, {0x80, 0x0, 0x80000000, 0xfffff001, 0x7bdb855, 0x8}, {0x1ff, 0x0, 0x2, 0x3f, 0x40, 0xff}, {0x40df, 0x7fffffff, 0xac9c, 0x3, 0x4, 0x3}, {0x5, 0x8, 0x448, 0x7, 0x8, 0x7fff}, {0x0, 0x1, 0x9, 0x8001, 0x40, 0x7f}, {0xb5e, 0x85d42ac, 0xffffffc1, 0x8, 0x20, 0xb627}], [{0x3, 0x1}, {0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x3}, {0x3}, {}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x6}, {0x5}, {0x2}, {0x3}, {}, {0x2}, {0x2, 0x1}, {0x0, 0x1}, {0x5}, {0x2, 0x1}, {0x5}, {0x5, 0x1}, {0x1}, {}, {0x4, 0x1}, {0x5}, {0x3, 0x1}, {0x1}, {0x5}, {0x4}, {0x1, 0x1}, {0x5, 0x1}, {0x3}, {0x4}, {0x2, 0x1}, {0x4}, {0x3, 0x1}, {}, {0x1}, {0x4, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x2, 0x1}, {0x4}, {0x5}, {0x1, 0x1}, {0x5, 0x1}, {0x2}, {0x0, 0x1}, {0x4}, {0x3, 0x1}, {0x4, 0x1}, {0x2}, {0x2, 0x1}, {0x3}, {0x3, 0x1}, {0x2}, {0x5, 0x1}, {0x4}, {0x5, 0x1}, {0x2}, {0x3}, {0x4, 0x1}, {0x4}, {0x2}, {0x2}, {0x1, 0x1}, {0x5}, {0x3}, {0x5, 0x6d2b7bcfc8194c3c}, {0x4, 0x1}, {0x2, 0x1}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x4}, {0x4}, {}, {0x4, 0x1}, {0x3}, {0x4, 0x1}, {0x6, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x4}, {0x1, 0x1}, {0x5}, {0x1, 0x1}, {0x2, 0x1}, {0x4}, {0x1, 0x1}, {0xcb660cc0adceafdd}, {0x2, 0x1}, {0x0, 0xef648a334368f3c7}, {0x0, 0x1}, {0x2}, {0x5}, {0x2, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x93e0890f12c3bc9c}, {0x1}, {0x2, 0x1}, {0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x1, 0x4872c585a15e03d4}]}}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x9, 0x67451e52, 0x20000000, 0x9, 0x81}, 0x6, 0xf7}, [{0x5, 0x1, 0x7f, 0x0, 0x6, 0x6}, {0x5b2d, 0x10000, 0x9, 0x800, 0x40, 0x4}, {0xffff, 0x4, 0x5, 0x8, 0x2, 0x4}, {0x6, 0x400, 0x20, 0x1, 0x4, 0x7}, {0x2df, 0x3, 0x2, 0x40, 0x80000001, 0x1}, {0x7ff, 0x5, 0x0, 0xffffffff, 0x7f, 0xfffffbff}, {0x4, 0x2, 0x3f, 0xe61, 0x1, 0x3}, {0x3f, 0x1f, 0x1, 0x7, 0x0, 0x800}, {0x10000, 0x8, 0x9, 0x80, 0xfff, 0xf0b}, {0x5, 0x10001, 0x178, 0x4, 0x0, 0x7fffffff}, {0x0, 0x0, 0x2, 0x8000, 0x0, 0x8}, {0x8e2c, 0x1, 0x8, 0x4, 0xf99, 0x4}, {0x7ff, 0x20, 0x7f, 0xffff0000, 0x0, 0x9}, {0x4, 0x7fffffff, 0xfff, 0xc2, 0x3, 0x2}, {0x5, 0x100, 0xfff, 0x5, 0x0, 0x8001}, {0x7, 0xfffffff7, 0x101, 0x7, 0x8, 0x8}, {0x200, 0x1, 0x2, 0x5, 0x200, 0x800}, {0x73c, 0x0, 0x9, 0x10000000, 0x7fffffff, 0x4}, {0x1, 0x7f, 0x0, 0x5, 0x80, 0x3}, {0x5, 0x80000001, 0x20, 0x2, 0x3, 0x2}, {0x1f, 0xffffffff, 0x259, 0x6, 0x1, 0x7}, {0x0, 0x7fffffff, 0x8, 0x6, 0x4, 0x4}, {0x101, 0x5, 0x3, 0x2f11, 0x7, 0x6d}, {0x1, 0x1, 0x9, 0x100, 0x3, 0x8}, {0x545, 0x9, 0x8001, 0x2, 0x5, 0x80000000}, {0x101, 0x7ff, 0x1, 0x101, 0x1}, {0x5, 0x63, 0x6, 0x200, 0x25, 0x9}, {0x6, 0x8, 0x5, 0x3d, 0x3, 0x5}, {0x969c, 0x6, 0x2, 0x0, 0x3, 0x3}, {0x2, 0x6, 0x1, 0x6, 0x85}, {0x1, 0x10001, 0xfff, 0xfffffeb3, 0x28, 0x10001}, {0x8, 0x0, 0x4, 0x8, 0x8, 0x6}, {0x4, 0x200, 0x2, 0xfff, 0x401, 0x8001}, {0x400, 0x3, 0x6, 0x80000001, 0xffffffff}, {0xffffffff, 0x8001, 0x6, 0x698, 0x10000, 0x5}, {0xffffffff, 0x3, 0x3ff, 0xfd7, 0x7fff, 0x1}, {0x9, 0x9, 0x38, 0x5, 0x2, 0x7}, {0x8, 0xfff, 0x7, 0x7, 0xfffffffd, 0x1ff}, {0x6, 0x9, 0x4, 0xffff, 0x5832c85b, 0x200}, {0x9, 0x1f, 0xfffffff9, 0x401, 0x3, 0x4}, {0x8001, 0xffffffff, 0xfffffffd, 0x1, 0x6, 0x8}, {0x8000, 0x0, 0x4, 0x1, 0xed580000, 0x9}, {0x8b, 0x2, 0xbbf041e, 0x0, 0x97b, 0x7}, {0x2, 0x1fe0, 0x3, 0x5, 0x401, 0x8000}, {0x80000001, 0x7, 0x3ff, 0xffffffff, 0xfffffff9, 0x1}, {0x5, 0x2, 0x1, 0x8, 0x8}, {0x8000, 0x9, 0x3f, 0x7fffffff, 0xfffffc40, 0x7}, {0x13ea000, 0x96, 0x3, 0x5, 0x6}, {0x8000, 0x8, 0x6, 0x243, 0xffff}, {0x91, 0xe0, 0x3, 0xffffff81, 0xffffffa6, 0x2}, {0x9, 0x0, 0x7, 0x5, 0x20, 0x400}, {0x0, 0x798, 0x3, 0x6, 0x9, 0x4f}, {0x8001, 0xfff, 0x7f, 0x7ff, 0x0, 0x5}, {0x8000, 0x3, 0x2, 0x0, 0x0, 0x9}, {0x36c1, 0x6, 0xa7, 0x360, 0x3, 0x84}, {0x5, 0x7, 0xf6cc, 0x80, 0x9, 0x4}, {0x7, 0x4, 0x100, 0x12, 0x9, 0x8}, {0x7, 0x3, 0x2, 0x9, 0x4d, 0x1}, {0x7, 0x5, 0x1, 0x81, 0x200, 0x1}, {0x81, 0x2, 0x401, 0x10001, 0xc6, 0x7fffffff}, {0xe35, 0x6, 0x1000, 0xcc, 0x3, 0x1000}, {0x7, 0x7, 0x1, 0x400, 0x100, 0xffffffff}, {0x448, 0x4, 0x3, 0x80000001, 0xfffffffd, 0x81}, {0x0, 0x3f, 0x41e, 0x4, 0x47979b47, 0x3f}, {0x0, 0x1, 0x3, 0xffffffff, 0x0, 0xfff}, {0x0, 0x3, 0x2, 0x8, 0xc000, 0x7}, {0xf211, 0xffff79df, 0x7, 0x1000, 0x1, 0x4}, {0x9b, 0x800, 0x0, 0x4, 0x3, 0xffffff80}, {0x4, 0x2, 0x8, 0x5, 0x8ba1}, {0x1ff, 0x5, 0x4, 0x400, 0x9, 0x62}, {0x5, 0x0, 0xd5c9, 0x8, 0xb09d, 0x9}, {0x6, 0x80, 0x7, 0xfffffff7, 0xf1, 0x3}, {0xfff, 0xfffffffb, 0x4, 0x2, 0x4bd, 0x8001}, {0x8, 0x9, 0x5, 0x5, 0x101, 0x4}, {0x5, 0xa8c, 0xa3, 0x7f, 0x101, 0xe6b}, {0xfffffffc, 0x9750, 0x1ff, 0x81, 0x2, 0x8b}, {0x0, 0x40000000, 0x10000, 0xa0d9, 0x5827, 0x9}, {0x1, 0xf, 0x6, 0x100, 0x184}, {0x80000000, 0x6, 0x80000001, 0x5, 0x5, 0x1}, {0x20, 0x1000, 0x800, 0x4, 0x3, 0x5}, {0xff, 0xfffffffd, 0x1e8, 0x3f, 0x3, 0x1000}, {0x1, 0x4, 0x1ff, 0x3, 0x40, 0x7f}, {0x5, 0x4, 0x3, 0x2, 0x66}, {0x5, 0x9, 0x8, 0x72c4, 0x4}, {0x7fffffff, 0x89, 0x101, 0x1, 0x80000000, 0x8d}, {0x5, 0x81, 0x6, 0xc2d, 0x0, 0x2}, {0x81, 0xfffffff8, 0x6, 0x8bb, 0xfff, 0x3}, {0xffffffff, 0xfffff121, 0x1000, 0x80, 0xed65, 0x5}, {0x3, 0x7fff, 0xffff8000, 0xffff, 0xfffffc01, 0x1}, {0x61e, 0x1, 0x3, 0xb9, 0xfe, 0x53}, {0x6, 0x6, 0x800, 0x5, 0x4, 0x40}, {0x5, 0x401, 0x0, 0xffffffff, 0x80, 0x2}, {0x4, 0x3, 0x8586, 0x0, 0x6, 0x3}, {0x0, 0x5, 0x10001, 0xfffffffa, 0x6, 0x26}, {0x1000, 0x1, 0x0, 0xc49, 0x3, 0x1f}, {0x1, 0x7, 0x100, 0x4, 0x401, 0x4}, {0x9, 0x5, 0x4, 0x8a, 0x9, 0xff}, {0xf8, 0x4, 0x2ee, 0x80000000, 0x9, 0x4}, {0xf03, 0x1, 0x0, 0x6, 0x2000, 0x5}, {0x200, 0x81, 0x6, 0x9821, 0x3, 0x7}, {0x7fff, 0x7fff, 0x0, 0x800, 0x1}, {0x0, 0x3, 0xb969, 0x1, 0x10000, 0x6}, {0x7, 0x8, 0x5, 0x96, 0xe0, 0xfffffff7}, {0x9, 0x297, 0x1, 0x8, 0x9, 0x3}, {0x6, 0x78b, 0x3, 0x68b3, 0x1, 0x101}, {0x4, 0x4, 0x6, 0x7, 0x3ff, 0x8}, {0x100, 0x1, 0xf3e8, 0x8, 0x5658, 0x6}, {0x5, 0x9, 0x4c37, 0x0, 0x3, 0x4}, {0x0, 0x6, 0x7, 0x6, 0x7, 0x7}, {0x6518, 0xfff, 0xe5, 0xe4e7, 0xd15a, 0x2}, {0x5, 0x1, 0x81, 0x80000000, 0x3, 0x80000000}, {0x7, 0xc0, 0x8, 0x4, 0x1, 0x200}, {0x7, 0x401, 0x3203, 0x454, 0x4, 0x5e06}, {0x8, 0x7, 0xe8de, 0x1, 0x9, 0xf0}, {0x6, 0x100, 0x2, 0x8f2, 0x7, 0x9}, {0x4, 0x0, 0x0, 0x400, 0x9, 0x1}, {0x7, 0x81, 0x9, 0x4, 0xa8, 0x21a}, {0x7f, 0x5, 0x20, 0x0, 0x2, 0x9}, {0x80000000, 0x530, 0xe208, 0x80000001, 0x7ff, 0x3}, {0xb618c1a2, 0xffff, 0xcc4, 0xff, 0x9, 0x101}, {0xfffffff9, 0x6, 0x5, 0x5, 0x8, 0x80000000}, {0x2, 0xbe, 0xff, 0xfffffffc, 0x7d, 0x7}, {0x5, 0x5, 0x1c50, 0x2, 0x8, 0xc92}, {0x81, 0x6, 0x1, 0x6b, 0x8, 0x5}, {0x8, 0x9, 0x4, 0x5, 0x80000000, 0x874}, {0x0, 0x8cf, 0x8, 0x3, 0x9, 0x3}, {0x1, 0x20, 0x4, 0x60000000, 0x80000000, 0x40}, {0x2, 0x80000001, 0x1, 0xffff7fff, 0x7, 0x7ff}], [{0x5, 0x1}, {0x2, 0x1}, {}, {0x2, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x2}, {}, {0x5}, {0x1, 0x1}, {0x4, 0x1}, {0x5}, {0x0, 0x1}, {0x4, 0x1}, {}, {0x3}, {0x1, 0x1}, {0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x5}, {0x2}, {0x5, 0x1}, {0x3, 0x1}, {0xa, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x3}, {0x3, 0x1}, {0x5, 0x1}, {0x2}, {0x5}, {}, {0x5, 0x1}, {0x3}, {0x2, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {}, {0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {}, {0x5}, {}, {0x4}, {0x4, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5}, {0x0, 0x1}, {0x1}, {0x0, 0x1}, {}, {0x2, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x1}, {}, {0x7, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {}, {0x1, 0x3}, {0x4}, {0x1, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {}, {0x3}, {0x5}, {0x1}, {0x5}, {0x1}, {0x4, 0x1}, {0x2, 0x1}, {}, {0x2, 0x1}, {}, {0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x2}, {0x1, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x4}, {0x3, 0x1}, {0x4}, {0x4}, {0x4}, {0x5}, {0x4}, {0x5, 0x1}, {0x5, 0x1}, {0x4}, {}, {0x3}, {0x2}, {0x4, 0x1}, {0x5}, {0x5}, {0x4, 0x1}, {0x0, 0x1}, {0x5}, {0x3, 0x1}, {0x6}, {0x7, 0x1}, {0x4}, {0x5}, {0x2, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x5}, {0x2, 0x1}, {0x0, 0x1}]}}, @TCA_PEDIT_PARMS={0xee0, 0x2, {{{0x9, 0x7, 0x3, 0x7, 0x3ff}, 0x2c, 0x3, [{0x0, 0xf8b, 0x1, 0x916, 0x1, 0x2}, {0x400, 0x4, 0x1, 0x2, 0x2, 0x2}, {0x0, 0x0, 0x5f9, 0x8, 0x0, 0xffff}, {0x40, 0x351a, 0x9, 0x2, 0x4, 0x200}, {0x2, 0x6, 0x1a07, 0x6, 0xf0a8, 0x2}, {0xa40, 0x2, 0x5, 0x1, 0x4, 0x10000}, {0x6e0, 0x4607, 0x67, 0x5, 0x1000, 0x7}, {0x9, 0x401, 0x9, 0x3, 0x8, 0xfffff85b}]}, [{0x1000, 0x8, 0x6, 0x1000, 0x0, 0x7544}, {0x4, 0xfff, 0x97, 0x9, 0x20, 0x5}, {0x9, 0x3, 0x1f, 0xbaa9, 0x3}, {0x7fff, 0x2, 0xfffffffd, 0x1, 0xd5, 0x519}, {0x9, 0xe5, 0xfffffffc, 0x1, 0x2, 0x100}, {0x101, 0x6, 0x8, 0x2, 0xffffffff, 0x80000000}, {0x52, 0x9, 0x4, 0x6, 0x3, 0xff1}, {0x9d0, 0x1, 0x8, 0x6, 0xffff0000, 0xffffffff}, {0x0, 0xe547, 0x0, 0x3, 0x80000000, 0x800}, {0x3, 0x2, 0x8000, 0x80000001, 0x5, 0x2}, {0x3b7e, 0xff, 0xd2, 0x10001, 0x1, 0x10000}, {0x0, 0x6, 0x7, 0x3, 0x4, 0x101}, {0x4, 0x1f, 0x10001, 0xe2, 0x0, 0x2}, {0x7, 0x401, 0x7bfa, 0x6, 0x6, 0x5}, {0xc8c000, 0x6, 0x81, 0x10000, 0xfff, 0x880}, {0x5, 0x6, 0xfffffffb, 0x6, 0x4, 0x7ff}, {0x8001, 0xd91, 0x44f, 0x401, 0x40, 0x2}, {0x1, 0x4, 0x9, 0x1, 0x8001, 0x6}, {0x6, 0x9, 0x5a85, 0x0, 0x6, 0x7fff}, {0x5, 0x5, 0x20, 0x200, 0x101, 0xe682}, {0x3, 0x8001, 0x40000000, 0xffff, 0x8, 0x20}, {0x401, 0x1df, 0x347, 0xae, 0x8, 0xfffffffc}, {0x2aee7fe5, 0x7, 0x1, 0x9, 0x10000, 0x4}, {0x1, 0x80000001, 0xe8, 0xdfa, 0x0, 0x8000}, {0x9d35, 0xfff, 0x0, 0x9f6, 0x2, 0x1000}, {0x1, 0x3, 0x9, 0xffff, 0x1, 0x20}, {0x1, 0x2, 0x400, 0x6, 0xd0f, 0x7}, {0x200, 0x0, 0x13f, 0x0, 0xb7, 0xffffffff}, {0x8, 0x0, 0x40, 0x2, 0x81, 0x7f}, {0x4, 0x6, 0x1b700000, 0x9, 0x2f6, 0x1f}, {0x4a, 0x6, 0xffff, 0x27f, 0x7fffffff, 0x10000}, {0x2, 0x3, 0x2, 0xb4d, 0x6}, {0x3fa, 0x6, 0x9, 0x0, 0x3, 0x86bc}, {0xffffffff, 0x8, 0x3, 0x0, 0x7, 0x4de}, {0x2e, 0x0, 0xfffffff8, 0x7ff, 0x1, 0x81}, {0x6, 0x7, 0x1000, 0x80000000, 0x9dd5, 0x400}, {0x0, 0x1ff, 0x3, 0x1f, 0x5, 0x6}, {0x38, 0x0, 0x10001, 0x9, 0x10001, 0x8}, {0x2, 0x4, 0x200, 0x800, 0x4, 0x7}, {0x101, 0x7, 0xfffffffc, 0x7, 0x9, 0x7}, {0x2, 0x5, 0x0, 0xb9a8}, {0xabda, 0x0, 0x4000800, 0xfff, 0x400, 0x7fff}, {0x79d, 0xe4, 0x9, 0x800, 0x5, 0x9c5}, {0x7fffffff, 0x0, 0x505b, 0xffff, 0x0, 0x2}, {0x5, 0x80000001, 0x1, 0x3, 0x101, 0x1}, {0x20, 0x3, 0x4800000, 0x4, 0x7ff, 0x5}, {0x3, 0x8, 0x6, 0x4, 0x59, 0x1}, {0x5, 0x3, 0x4, 0x9, 0x200, 0x8000}, {0x7, 0x7, 0xfffffe00, 0xfffffffc, 0x3f, 0x80000001}, {0x117, 0x6, 0x5, 0x0, 0x402, 0x5}, {0x0, 0x10001, 0x9, 0x1, 0x3, 0x3}, {0xfffffff9, 0x2, 0xfffffff9, 0x80000001, 0x8, 0xffffffff}, {0x2, 0x3, 0x3fc, 0x7f, 0xff, 0x2}, {0x5, 0x2, 0xffffff81, 0x3, 0x9, 0x3a}, {0x1, 0x7fffffff, 0x81, 0x9, 0x80, 0xffffff5f}, {0xa5a, 0x9, 0x7fffffff, 0x5, 0x4, 0x1}, {0x6, 0x10001, 0x93, 0x2, 0x101, 0x1}, {0xe258, 0x7, 0x1, 0x4, 0x4, 0x9}, {0x5, 0x81, 0x0, 0x741, 0x6, 0x4}, {0x1000, 0x7, 0x4, 0x800, 0x9, 0x1}, {0x3f, 0xfffffffd, 0x9, 0xff, 0x40, 0xf4f}, {0x81, 0x8, 0x0, 0x1, 0x1ff, 0xfcf}, {0x9, 0x4, 0xfe6, 0x20, 0xff, 0x8}, {0x7ff, 0x46, 0x4, 0x200, 0xa5d2, 0x3ff}, {0x8bc, 0xfffffc01, 0xfa, 0x5, 0x81, 0x81}, {0x8, 0x2, 0x62c, 0x200, 0xffffffe0, 0x9}, {0xa7bb, 0x4, 0x9, 0x6, 0xffffedd1, 0x1}, {0x0, 0x8, 0x1ff, 0xbf2, 0x20, 0x3}, {0x4f62, 0x8001, 0x2, 0x5, 0x1, 0x4}, {0xd54, 0x9, 0x4, 0x4604a0bc, 0x8}, {0x9, 0x200, 0xfffffc01, 0x10001, 0xcf, 0x80}, {0x4, 0x7, 0x0, 0x7, 0x9}, {0x5, 0x0, 0x3, 0xa00, 0x8, 0x8}, {0xeb0c, 0x1ff, 0x2, 0x2, 0x10001, 0x6}, {0x7, 0x8001, 0x0, 0x9, 0x0, 0xffff}, {0xfff, 0x10001, 0x5, 0x1, 0x7, 0x180000}, {0x1, 0xfffffffd, 0x5, 0x9, 0xfffff801, 0x1}, {0x1, 0x4, 0x9, 0x1, 0xffffffff, 0x8}, {0x400, 0x1ff, 0x0, 0x9, 0x3, 0x800}, {0xdc0, 0x0, 0x8, 0x5, 0x7, 0x80}, {0x5, 0xfffffff7, 0x0, 0x1ff, 0x80000000, 0x5}, {0x7, 0x8, 0x0, 0x1ff, 0xb0, 0x4}, {0x10001, 0x2, 0x7, 0x3, 0xff, 0x4}, {0x7, 0x3, 0x0, 0xfff, 0x3, 0x9}, {0x5, 0x0, 0x5c0, 0x81, 0xfff, 0x2}, {0x3, 0x1, 0x4, 0x5, 0x81, 0x9}, {0x3ff, 0x5, 0x0, 0xb55, 0x101, 0x1800}, {0x1, 0x5, 0x2, 0x1f, 0x5, 0x40000}, {0xfffffe00, 0x4, 0xb61, 0x7, 0x2, 0x5}, {0x0, 0x897, 0x9000, 0x0, 0xd31b, 0xff}, {0x9896, 0x7ff, 0x101, 0x26b, 0x81, 0x81}, {0x7ff, 0x99, 0x3, 0x100, 0x2, 0x6}, {0x6, 0x2, 0x1, 0x1, 0x401, 0xd1}, {0x3, 0x24bc2add, 0xd6dd, 0x6, 0xfff, 0x1}, {0x5, 0x80000001, 0x1, 0x4, 0x100, 0x8000}, {0x9, 0x2, 0x5, 0xe, 0x2, 0x8a15}, {0x0, 0x5, 0x101, 0x4e, 0x7f, 0x9}, {0x80000001, 0xa9c, 0x0, 0x7, 0x80000000}, {0x5, 0x0, 0x800, 0x7, 0x8, 0xa4}, {0x0, 0xffff, 0x10001, 0x8, 0x7fff, 0x8}, {0x4, 0x6, 0x9, 0x8, 0x8, 0x80}, {0x7f, 0x1ff, 0x5, 0xde4b, 0x2, 0x7f}, {0x5b4, 0x80000001, 0x7, 0x9, 0x9, 0x2}, {0x7, 0x1, 0x5, 0x4, 0x5}, {0xcd, 0x9, 0x8, 0x20, 0x3f, 0x1000}, {0xff, 0x8000, 0x6, 0x9, 0x80000000, 0x2}, {0x8, 0x300, 0xffffffff, 0x1b8, 0x1f, 0x81}, {0xb1a4, 0x80, 0x0, 0x1, 0x6, 0x8}, {0x8, 0x0, 0x640a, 0x7, 0x6, 0x400}, {0x8, 0x7, 0x1, 0xb9, 0x10001, 0x5}, {0xfffff01a, 0x1, 0x45, 0x2, 0x1f}, {0x6, 0x2, 0x5, 0x6, 0x3, 0x1}, {0x2, 0xfde, 0x21b8, 0x2, 0x0, 0x1}, {0x4, 0x1, 0x2, 0x9, 0x3f, 0x4}, {0xfffffff7, 0x1, 0x82, 0x8, 0x9, 0x2}, {0x2, 0x8bb, 0x1, 0x545, 0x3, 0x1}, {0xfffffe01, 0x40, 0xbd, 0x7, 0x0, 0xfff}, {0x7f, 0x81, 0x2, 0x7ff, 0x9379, 0x20}, {0x4d8e, 0x5, 0x1f, 0x6, 0x3, 0x3}, {0x0, 0x471, 0x2, 0x0, 0x6ef3, 0xfff}, {0x7fff, 0x200, 0x9, 0x32d28d37, 0x80000001, 0x9}, {0x5, 0x9, 0x3, 0x8, 0x101, 0xb57d}, {0x1, 0x6, 0x2, 0x0, 0x3, 0x40}, {0x3, 0x18000000, 0x5, 0x7f, 0x7fff, 0x4}, {0x7, 0x7, 0x7, 0x8, 0x9, 0x7}, {0xfff, 0x9, 0x7, 0xffff, 0x5, 0xff800000}, {0x5, 0x7fff, 0x2, 0x4, 0x0, 0x8000}, {0xfffffffd, 0x8, 0x38f6, 0x401, 0x9, 0xfff}], [{0x2, 0x1}, {0x0, 0x1}, {0x4}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x4, 0x1}, {0x4}, {0x5}, {0x4, 0x1}, {0x4, 0x1}, {0x5}, {0x4}, {0x2}, {}, {0x3, 0x1}, {0x3}, {}, {}, {0x3}, {0x2, 0x1}, {0x3, 0x1}, {0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x3}, {0x3, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x3}, {0x3}, {0x2}, {0x2, 0x1}, {0x1, 0x1}, {0x1, 0xd180cdeda462a4f9}, {0x0, 0x1}, {0x2, 0x1}, {0x3, 0x283b52abf84471ae}, {0x3, 0x1}, {0x5}, {0x0, 0x1}, {0x4}, {0x1}, {0x4, 0x1}, {0x3}, {0x4}, {0x1}, {0x4}, {0x2, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {0x3, 0x3}, {0x2, 0x1}, {0x28a6a7868f238da7}, {0x2, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x2}, {0x0, 0xae005740e5ae41ff}, {0x4}, {0x4, 0x1}, {0x2, 0x1}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {0x2, 0x1}, {0x5}, {0x4, 0x1}, {0x3}, {0x2}, {0x1, 0x1}, {0x5}, {0x5}, {0x5}, {0x4, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x5}, {0x3, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x1}, {}, {0x3, 0x1}, {}, {0x2, 0x1}, {0x1, 0x1}, {0x5}, {0x5, 0x1}, {0x4}, {0x5, 0x1}, {0x1, 0x1}, {}, {0x3}, {0x3}, {0x2}, {0x5}, {0x2, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x1}, {0x2}, {0x5, 0x1}, {0x5}, {0x4, 0x1}, {0x7}, {}, {0x4, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x1}, {0x1, 0x1}, {0x4}, {0x0, 0x1}, {0x3, 0x1}], 0x1}}]}, {0xdb, 0x6, "9991e6f3471f6c5a6c2b2173f7fa26a9ab109102a5aad1337c14216efbd208000095a63759f3e7c400c8d3da757103fe5072d3dc2a2f15b6ef0ecd788fab9af8f851cd2b2a1caa4c732e9bdfbbff3046155ee2230a1e6663fafe0b6f84988b986d3f8075aec8bf8c5c0e7fec5a28f4952717b6b316800af4fc8f144258f2999556a3d7b6a2f3a924fff2e03b31a22c8ad79eafdf6b3c43aa2a88ab8b93efe5f56245eb531aa5b64a51fbd551c92cd5d9dc4b5c851db2ec28c7e0840a731e6f7a4965ee5074bfd818fb01aeb01a982158272b60cfd48a3c"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}]}, @TCA_FW_CLASSID={0x8, 0x1, {0xa, 0xffe6}}, @TCA_FW_MASK={0x8, 0x5, 0x8}, @TCA_FW_ACT={0x590, 0x4, [@m_vlan={0x130, 0xf, 0x0, 0x0, {{0x9, 0x1, 'vlan\x00'}, {0x48, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x6}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x6}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x3f, 0x16ad, 0x3, 0x5, 0x3aac}, 0x3}}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x4}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0xbe, 0x6, "f34c81f82d67156d30863da925d619395559a55982bd236ab4415e3bb511cc2459a687a5cc8db9ddbedaf4b8b0da0b60100e290e97aceb29061f63d8523d0b51dcc18f5ff7ad70afbb2813b835d2a847db3bec32f5b995b152f4056bcd471a9ca8fcfc09af56fcdfdaca422d71dc0385c511c26b7658b3f6f7a85110991c8203cb07618228da2c4ea5235acb94865361356ddb0e3838662bfc312f07431837bcb5358613b7d1ee0d9a1401c5285db2d950425e0c251879522026"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_bpf={0x12c, 0x1b, 0x0, 0x0, {{0x8, 0x1, 'bpf\x00'}, {0x34, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8, 0x5, r5}, @TCA_ACT_BPF_OPS={0x14, 0x4, [{0x2000, 0x5, 0xda, 0x3}, {0x0, 0x7, 0xff, 0xffff}]}, @TCA_ACT_BPF_OPS={0x14, 0x4, [{0xc6, 0x8, 0x7f, 0x26808843}, {0xf7, 0x57, 0x80}]}]}, {0xd4, 0x6, "a8ca3aa8d44d95fe4681e83508661e85105e3f4691352e7b7dad2b175cd5bdf897a4b38d53ef99df6bbc0aff7cc13bfa1d02b3ec4685f5828b64fc91b9172460faced8d6b1bdcf897fe6ed10018173b638b1e6da5b9e15ff8b490281d5ad32f8ebb667fcb32f0803f3d0a6c53f2f1d339df944dcb1883fad13b418b66c59274b022220314eb541a3cc3223e911529b379ae3753d6e30b4f76a5b0917231f0d197c76720578a72b44614b47daa17625c2ae5ec5d4501848c0d977d8313da31af5773393005dfcdce5a132b599725e4688"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_nat={0x114, 0x1e, 0x0, 0x0, {{0x8, 0x1, 'nat\x00'}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x3, 0x1, 0x20000000, 0xc81f, 0x8c}, @dev={0xac, 0x14, 0x14, 0x24}, @remote, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0x80, 0x8, 0xc8c, 0x3}, @multicast2, @multicast1, 0xffffff00}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x55, 0xffffffffefffffff, 0x0, 0x3}, @rand_addr=0x64010100, @local, 0xffffffff, 0x1}}]}, {0x73, 0x6, "9d26a77554c8c2a3a831ab1b5ed45635ef076f7d37a891b5aa230b5844a45decd102f43e0d92b586eb0d84454a9657e0115cc4e652c8f0bc68017b4409a2e9c48a6a3afacc4471aaa83f2dc83f8556083dd106b02c0b1beaf2f97df0425e210d04b57083082c608af2b9e3984c463f"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_mpls={0x114, 0x8, 0x0, 0x0, {{0x9, 0x1, 'mpls\x00'}, {0x44, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x81, 0x7fff, 0x3, 0x74, 0x6}, 0x2}}, @TCA_MPLS_LABEL={0x8, 0x5, 0x8dc1c}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x71, 0x8f9, 0x10000006, 0x8, 0x7}, 0x1}}]}, {0xa6, 0x6, "fd972fdd0b436c7453cf8b9162f58cfbb70df1b8a0a77d2287c1ae5a0f2d5f4b67d7490595ccaead54dc2faeee00bde1845171a0eab9619734ddb8a90c3ed2fa8b3a23123545d538eeff8b9fdd3eea74bd99541f94815e1ada5eee201a45a66f6acab75385aba72751cdc948b7cdce098a1efa84dde6ad262322d7bd85ba4194292be0bcf3db8a0e0e134de142367f7182610aaa56eb5dbe5bf71fdcf542bfca84ff"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_simple={0x108, 0x11, 0x0, 0x0, {{0xb, 0x1, 'simple\x00'}, {0xac, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0xa, 0x3, 'minix\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x10, 0x0, 0x20000000, 0x8, 0x8}}, @TCA_DEF_DATA={0xa, 0x3, 'minix\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0xfff, 0x0, 0x10000000, 0x3f, 0x7}}, @TCA_DEF_PARMS={0x18, 0x2, {0x7, 0x7, 0x4, 0xffffffff}}, @TCA_DEF_PARMS={0x18, 0x2, {0x8001, 0x1ff, 0xb, 0x10000, 0x9}}, @TCA_DEF_PARMS={0x18, 0x2, {0x70, 0x10000, 0x6, 0x8001, 0x45f}}, @TCA_DEF_PARMS={0x18, 0x2, {0x6, 0x8, 0x1, 0x4, 0xffffff70}}]}, {0x32, 0x6, "53ffca7b4f5d873f215b46eb74e551b8a230059f5e0abd8145208c3c7b3a2dc0bbe1980a585b7d9333ec1286103c"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}, @TCA_FW_CLASSID={0x8, 0x1, {0xd, 0x1}}]}}, @filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0x1018, 0x2, [@TCA_RSVP_CLASSID={0x8, 0x1, {0xffe0, 0x10}}, @TCA_RSVP_CLASSID={0x8, 0x1, {0xfff3, 0xfff1}}, @TCA_RSVP_ACT={0x3b4, 0x6, [@m_sample={0xe4, 0xa, 0x0, 0x0, {{0xb, 0x1, 'sample\x00'}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x8}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xc2a}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x8001}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x7696}]}, {0x97, 0x6, "6977da606499ea9c7abd165fde9c5e369805cae5d722442c5ee88bd8164d2c810b520fa44e8b71b0372de8b567ee11f196c3d718dab7dbb3281d94531a2314c590120f1b728256121c528b6a598d47fbfdbbaf667ff6436b93011e26baa3b12dec0fd8e0c126e1551289aae0c12629871e52e79763f6ea59ff6872b0269d6c503c31f66cfb97aeca535272ddfcdcaa8b7e04cc"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_gact={0x124, 0x14, 0x0, 0x0, {{0x9, 0x1, 'gact\x00'}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffffa, 0x1, 0x5, 0x2, 0x3}}]}, {0xdd, 0x6, "a7cf05a9a80216710b5006faaef3a2ac09c01d165618e674baf1b99a9e89062e4a04c7d1be7bed1943d8637a61263075b08618ea6d043b8d6c017ecb7489120d463d900ffdb04350ca39231f19ffedead40273fb8417292b063ea48410970b8ff570136a65999aa8459eeace323b946e40d529f22a2d89cd6b4811083ef2f0472cf38bc996a3c409320e19029835d2399bed9543e5107fe92a35aa7757f2f1a1453c456e32edd4c601ca1dcec23b831ccce6c5f041879a45014ca69add219c9d0f4887e71152bd45724f0861c8e1468a6bf8bf93f0b9815f38"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_simple={0xfc, 0x15, 0x0, 0x0, {{0xb, 0x1, 'simple\x00'}, {0x40, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x1095, 0x1f, 0x1, 0x824, 0xe4f2}}, @TCA_DEF_DATA={0x22, 0x3, './trusted{%mime_type!vboxnet1\x00'}]}, {0x93, 0x6, "3e574ac9bea9da3a2a8fd61fcf0b18fe2ff57e5cb6364d27279ff96d4a74ceff83362203b54aadce99cb06459f0fc94d72b52b53d4e91f8c1f71537e022f18221474405ff6cf698747c4cf5ec5ad1d9ceb321248cafd917a07b732574b61e1b444e7e3545587274f827f1987962b6f38cb06d9026bcc5581d2c9891e2068a937341258fbf9e923ee0acda8bee056f7"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_csum={0xac, 0x6, 0x0, 0x0, {{0x9, 0x1, 'csum\x00'}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x0, 0x5, 0x1, 0x9}, 0x3f}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x1, 0x6, 0x8, 0x800}, 0x10}}]}, {0x45, 0x6, "ff8db8fea480efd30149a850c46c9d7ce6344ff3362523ff73e9e738f755bf535671a3c03e09efbc18c60e867d1670dd444a521f300d1305dbdfb6aa1e49733299"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}, @TCA_RSVP_POLICE={0xc48, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x68}, @TCA_POLICE_RESULT={0x8, 0x5, 0x8}, @TCA_POLICE_RATE64={0xc, 0x8, 0x2}, @TCA_POLICE_RESULT={0x8, 0x5, 0x2}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x400, 0x1, 0x800, 0x40, 0x5, 0x8, 0x8, 0x2, 0xffffff0b, 0x3, 0x2, 0x4, 0x4, 0x6, 0x2, 0x6, 0x8, 0x0, 0xfd, 0x7ff, 0x5, 0x9, 0x2, 0x3, 0x4, 0x2, 0x7, 0x2, 0x6, 0x0, 0x4, 0x9, 0xb5, 0x6, 0x400, 0x7, 0x2, 0x5, 0x1, 0x9f, 0x5, 0x8, 0x80, 0x9d, 0x1, 0x7c0000, 0x7, 0xffff8001, 0x400, 0x2, 0x0, 0x800, 0x9, 0x372, 0x100, 0x5, 0x6, 0x81, 0x3, 0x9, 0x7ff, 0x9, 0x7ff, 0x5, 0x2, 0xfffffbff, 0x10001, 0x8000, 0x6, 0x80, 0x7, 0x7ff, 0x7, 0x3, 0x1, 0x101, 0x4, 0xff, 0x1000, 0x7ff, 0x81, 0x8000, 0x3, 0x3ff, 0x5, 0x10001, 0x4, 0xfff, 0x7, 0x0, 0x8, 0x5, 0xffffffff, 0x3, 0x9, 0x7, 0x9e6, 0x10000, 0x4, 0x1, 0x5, 0x81, 0x2d, 0x8945, 0xe1, 0xa7c1, 0xe9, 0x2, 0x5, 0x13, 0x6, 0x7f, 0xfffffffb, 0x4, 0x4, 0x10000, 0x100, 0x2, 0x7fff, 0x8, 0x0, 0xf9, 0x4, 0x0, 0x9, 0x8, 0x7, 0x0, 0x81, 0xdd5c, 0x2888, 0x0, 0x8, 0x80, 0x7, 0x400, 0x2, 0x8, 0x8, 0xc0, 0x5, 0x4, 0x6, 0x2, 0x8, 0xffff, 0x80000001, 0x8, 0x7, 0x7fffffff, 0x8, 0x3, 0x4, 0x3f, 0x7f, 0x4, 0x0, 0x4, 0x9, 0xfffffffe, 0x237, 0x2, 0xfffffffd, 0x6, 0x10001, 0x80000001, 0x7, 0x8, 0x80000001, 0x8, 0x7ff, 0x8f, 0x3f, 0x6, 0x55, 0x40, 0x401, 0xe51, 0x5, 0xfc8f, 0x7, 0x0, 0xee7, 0x5, 0xc0000, 0xfff, 0x4, 0x8, 0x7fff, 0x80000000, 0x8, 0x9, 0x20, 0x9, 0x8, 0x7, 0x0, 0x9, 0x7, 0x2ad, 0x6, 0xcb, 0x80000001, 0x9, 0x0, 0x3, 0x7, 0x7, 0x7, 0x7, 0x10000, 0x4, 0x101, 0x176, 0x3ff, 0x3, 0x400, 0x7, 0x331a, 0xfffffff7, 0x8, 0xfffffff7, 0x4, 0x4, 0xa, 0x1f, 0x6, 0x9, 0x80000000, 0x101, 0x8, 0x6, 0x4, 0x1398514d, 0x3ff, 0x49, 0x3, 0x0, 0x8, 0x5f, 0x2, 0x3, 0xff, 0xffffffff, 0x9, 0x1, 0x9, 0x87d, 0x6, 0x7f, 0xe2b, 0xff, 0x20, 0x1, 0x8, 0xfffffffe]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3f}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x1000}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x43aaf274, 0x2, 0x6, 0x968a, 0xff, 0xfffffff9, 0x8d9, 0x3, 0x2, 0x6, 0x5, 0x9, 0x7ff, 0x0, 0x8001, 0x6, 0x5, 0x0, 0xfffffff9, 0x3, 0x2, 0x8, 0x401, 0x2, 0x0, 0x1, 0x2, 0x3e0, 0x1, 0x2, 0x0, 0x80000000, 0xe00, 0x7f, 0x5, 0x8, 0x0, 0x7, 0x4, 0x0, 0x1ffc00, 0x7fff, 0x0, 0x83, 0x81, 0x7, 0x4, 0x2, 0x8001, 0x0, 0x200, 0x4, 0x7f, 0x1, 0x4, 0xc93, 0x8, 0x2, 0x3ff, 0x2, 0x1, 0x4, 0x10000, 0x80, 0x9, 0x4dd8, 0x81, 0x10000, 0x0, 0x8, 0x2, 0x8, 0x1, 0x4, 0x0, 0x5, 0x7f, 0x1, 0x20, 0xbfe, 0x100, 0x8000, 0x3, 0x3c71, 0x6, 0x0, 0x4, 0x9, 0xff, 0x3, 0x0, 0x5, 0x10000, 0x3, 0x6, 0xda86, 0x1, 0x3, 0x1, 0x2, 0x81, 0x4, 0x20, 0xbf46, 0x2, 0x400, 0x0, 0x8, 0x2, 0x2, 0x7, 0x6, 0x9, 0x2, 0x1, 0xff, 0x9, 0x8001, 0x101, 0xfffffe00, 0xa13, 0x9, 0x1000, 0x5, 0x2, 0x5, 0x0, 0xc5, 0x1f, 0x9, 0x1, 0x2, 0x800, 0xff, 0x0, 0xffff, 0x273, 0x0, 0x8001, 0xfffffff9, 0xfffffffa, 0x5, 0xfffffffc, 0x3, 0x3, 0x0, 0x5, 0x468, 0x1000, 0x828, 0x22, 0x101, 0x3, 0x0, 0xfffffffc, 0x1, 0x7, 0x7fffffff, 0x10000, 0x0, 0xe1, 0xbb, 0x6, 0x38, 0x4, 0x3, 0x54, 0x7, 0x8, 0x44, 0x3, 0x8, 0x5a, 0x80000001, 0x5, 0x1cdb5ec2, 0x8, 0x2, 0x401, 0x1, 0x731, 0x8000, 0x2, 0xf28, 0x100, 0xc5bd, 0x1, 0xea, 0x400, 0x10001, 0x7c8, 0x8, 0x7b2, 0x31e1, 0x3, 0x0, 0x8, 0x1, 0x112, 0x401, 0x3, 0x7, 0x3, 0x7ff, 0x1f, 0x1, 0x1, 0x4, 0x1, 0x400, 0x6, 0xcd, 0xfffffffa, 0x7, 0x9, 0x1, 0x800, 0x6, 0x3, 0x9, 0x0, 0x892, 0xfffffffd, 0x9, 0x4, 0x1, 0x8, 0x8, 0x8001, 0x7fffffff, 0x7ff, 0x5a, 0xffff, 0x1dea, 0x3, 0x6, 0x1, 0x7f, 0xe9, 0x7, 0x7, 0x6, 0x20, 0x3, 0x7, 0x80000000, 0x380, 0x4, 0x2, 0xffffffff, 0x8, 0x2, 0x81, 0x5, 0x2, 0x7f]}, @TCA_POLICE_RATE={0x404, 0x2, [0x469, 0x1000, 0x2, 0xcb, 0x7, 0xbc, 0x6, 0x2, 0x15c2, 0x2, 0x7ff, 0x10000, 0x0, 0x218d71c4, 0x6, 0x8000, 0xfff, 0x30000000, 0x1ff, 0x4, 0xbee, 0x10000, 0x7fff, 0x0, 0x7, 0x2, 0x6, 0xfffff000, 0x5, 0x1f, 0xdc74, 0x9, 0x470, 0x1, 0x1, 0x7, 0x5, 0xfffffff8, 0x400, 0x6, 0x3, 0x4, 0x0, 0x80000001, 0x0, 0x1, 0x80000001, 0x1, 0xc21c, 0x7fffffff, 0x400, 0x100, 0x8, 0x101, 0xffffffdf, 0x6, 0xcbb, 0x401, 0x0, 0x7fff, 0x3ff, 0x8, 0xff, 0x1, 0x8000, 0x4, 0x8001, 0xfff, 0x400, 0x5, 0x400, 0x98, 0x0, 0x1000, 0x8, 0x3, 0x8, 0xa41, 0x5, 0x6ec, 0x5, 0x7, 0xa63, 0x3, 0x80000000, 0xe31, 0x9, 0x8, 0x523a, 0x2, 0x8001, 0x2, 0x6, 0x8, 0x5, 0x7ab, 0x5, 0x5, 0x2, 0x5, 0x3, 0x40, 0x2, 0x1, 0x4, 0x100, 0x3, 0x7, 0x1, 0x2, 0x8, 0x6, 0x3, 0x2c99, 0x2, 0x81, 0x5, 0xd6, 0x9, 0x200, 0x0, 0x9, 0x3, 0x40, 0xfc5c, 0x9c, 0x8001, 0xc98d, 0x1, 0x401, 0x7fffffff, 0x7, 0x7, 0x10001, 0x800, 0x64e, 0xb9, 0x1556, 0x80000000, 0x6, 0xd5f5, 0x6, 0x19, 0x1, 0xc8d, 0x9, 0x0, 0x3f, 0x8, 0x2, 0xe9, 0x5, 0x4, 0x1d2, 0x2, 0x7ff, 0xffff, 0xffffffd3, 0x4, 0x7, 0x1000, 0x4, 0x8, 0x8001, 0xffff, 0x3f, 0x1, 0xff, 0x7fffffff, 0xa, 0x80, 0x3, 0x7b6e, 0x8001, 0x0, 0x4, 0x8, 0x7, 0x0, 0x40, 0x5, 0x9, 0x7, 0x10, 0xc1d, 0x3, 0x7ff, 0x1, 0x1, 0x800, 0x6, 0x80, 0x81, 0x2, 0x81, 0x0, 0x6, 0xffffff80, 0x80000000, 0xd53, 0x4, 0x6, 0x1, 0xf16, 0x401, 0x3f, 0x3, 0x4, 0x5, 0x7fff, 0x7, 0x2, 0x4, 0x4, 0x208, 0x7, 0x3, 0xfffffffb, 0x4a, 0x5, 0xc00, 0xfffffeff, 0x73, 0xb7b3, 0x8e, 0x3, 0x5, 0x100, 0x6, 0x3, 0x2, 0xfffff800, 0x2, 0x8, 0x5, 0xfffffffc, 0xff, 0x2, 0xb578, 0xffffffff, 0x9, 0x1, 0xfffffbff, 0x2, 0x100, 0x7fff, 0x9, 0xa000, 0x8, 0x1, 0x80, 0x3, 0x7fff, 0xfff, 0x6, 0x8]}]}, @TCA_RSVP_CLASSID={0x8, 0x1, {0xf, 0x2}}]}}]}, 0x65b4}, 0x1, 0x0, 0x0, 0x804}, 0x40) r7 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f00000002c0)) write$binfmt_elf64(r7, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r7, r7, &(0x7f0000000480), 0xa198) 18:41:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2571.810183] Bluetooth: hci5: Frame reassembly failed (-84) [ 2571.817970] Bluetooth: hci5: Frame reassembly failed (-84) [ 2571.898396] audit: type=1800 audit(1590777678.740:1086): pid=29531 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16203 res=0 18:41:18 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, r2, 0x1, 0x0, 0x0, {{}, {0x0, 0xb}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x400, 0x70bd2a, 0x25dfdbfe, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x44001}, 0x20004040) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 18:41:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2571.943348] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2571.945966] audit: type=1804 audit(1590777678.740:1087): pid=29531 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/715/file0" dev="sda1" ino=16203 res=1 18:41:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2572.141721] audit: type=1804 audit(1590777678.980:1088): pid=29537 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/715/file0" dev="loop0" ino=1 res=1 18:41:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) r2 = accept4(0xffffffffffffffff, &(0x7f0000000200)=@rc, &(0x7f0000000000)=0x80, 0x80000) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x24, r3, 0x800, 0x70bd28, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x3}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x24040000}, 0x81) 18:41:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2572.262929] minix_free_inode: bit 1 already cleared [ 2572.334943] audit: type=1800 audit(1590777679.170:1089): pid=29568 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16236 res=0 [ 2572.339774] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:41:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2572.382508] audit: type=1804 audit(1590777679.170:1090): pid=29568 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/716/file0" dev="sda1" ino=16236 res=1 [ 2572.537004] minix_free_inode: bit 1 already cleared [ 2572.655726] Bluetooth: hci3 command 0x1003 tx timeout [ 2572.661287] Bluetooth: hci3 sending frame failed (-49) [ 2573.375632] Bluetooth: hci4 command 0x1003 tx timeout [ 2573.381052] Bluetooth: hci4 sending frame failed (-49) [ 2573.855872] Bluetooth: hci5 command 0x1003 tx timeout [ 2573.861222] Bluetooth: hci5 sending frame failed (-49) [ 2574.095549] Bluetooth: hci6 command 0x1003 tx timeout [ 2574.100937] Bluetooth: hci6 sending frame failed (-49) [ 2574.735603] Bluetooth: hci3 command 0x1001 tx timeout [ 2574.740943] Bluetooth: hci3 sending frame failed (-49) [ 2574.905566] Bluetooth: hci7 command 0x1003 tx timeout [ 2574.910980] Bluetooth: hci7 sending frame failed (-49) [ 2575.455575] Bluetooth: hci4 command 0x1001 tx timeout [ 2575.461031] Bluetooth: hci4 sending frame failed (-49) [ 2575.935759] Bluetooth: hci5 command 0x1001 tx timeout [ 2575.941103] Bluetooth: hci5 sending frame failed (-49) [ 2576.175490] Bluetooth: hci6 command 0x1001 tx timeout [ 2576.180809] Bluetooth: hci6 sending frame failed (-49) [ 2576.815469] Bluetooth: hci3 command 0x1009 tx timeout [ 2576.975439] Bluetooth: hci7 command 0x1001 tx timeout [ 2576.980764] Bluetooth: hci7 sending frame failed (-49) [ 2577.535360] Bluetooth: hci4 command 0x1009 tx timeout [ 2578.025591] Bluetooth: hci5 command 0x1009 tx timeout [ 2578.255303] Bluetooth: hci6 command 0x1009 tx timeout [ 2579.055225] Bluetooth: hci7 command 0x1009 tx timeout 18:41:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r2 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f0000000980)={r1, 0xb8a7, 0x8, "4e6ef2f01c0b48d6d3719ffab27feed033a9a4c19c7a36fe79603a096f463c4ce449107a6a1c5a191dd519126db566511bd41a2e829d0fe80c21e507229e29b9867d9b728c8dfb011047777f3d16a35e164cd853be90916c47339e9d56c27ac6833dc3bb99c12772188b303b31fcab717b83e849e36a0fd404cecf8270b750f6ecc4a8e3cb3ca7c02093e9bd00557f273c2076a6f827fb67da87e3093d98718bfee0bfe1a5b716b00146c38cd69c603f723c0c649bcae991bf43a56b0f607b016b97e6c715d58cc82206fdef810883e68183e17a4e04c38879c31fcc3d5547894b991b9935e513ce9d1c94766ea5b909b06a9beda68993fff0369a17963e1998f3e3efdf1a4ce92d5c41481ad79c9659fa1707f6dfcfb3d900a74455d8eac82fdcf827045b3ae0552f667d57a1d30a8687602e69ab9bcca5f1b69abd34e70d5edd20dc59f3d865d972f53930c609d2d7aaf91666ad1317cc783da9a7f6ddb543fb7f78e28dcd4e1ddb09bee421a9d22683757df92d99e14215297a5d62c06a74cb80eae2060728bb733f00c90b55a4e5a455ff40b92083e14813e058d4ef79bad42d262cff4302dffdd58f81cb39b2a36864b268f5749239b4edf13523803f686f217a5fa2e1b510b251c68f9b37f3ad785e8cab69b365b904484f7f4b41db0d9de7a33d7cd65f455969efb60a91ca90accac41c8ba6b538e60953360153f3054d63d8920221fec6d1c83a4d0177de2fb8bd434c578dfe6539dc3306120e6339a6678ca69d43ba262554709c9a171ba356c528e3f45abf6b9fee167a532a485aba0f0fac9ffdaa3409d53f046f7e8fd551696e928eacaab148d1986ac8c86021469dea3371f6eaea3e18385b26e5ade9eca041145dc4ccc77e16122d2b5ef6b76f93efe81687b3fe182f3ce712c8128548e5ae6c8015f034dd58462268340e2a6240c78ccdb5229328bf921e6f784e9006ad80e4bc91af4a139b72e54445ff35e12b1f4b2a1ce6aac4e4292231cef2baec586b5dcab1b6badf82d43747eb2ddf72214258e71073864cee064fd4cb69172e148e9b65783d39cd3c722d4f7c1dc8716bac6ad3a256b67fa99629d3629266425ac8735debb2bd09763349ae7c784ac79f855822e456216b36cbb50e95f5e5bd88e2daaa60cb34e94521adf2e2a1673d725e5ec907285c883365841f0d33f8c456fcb53533fd9b6aa4edd643881783b9404989de78d906f290ec70075e215b384e93c90324cfea92836d1046ef158ae114a59c4e3e19fb2dfb6eb40136e47d179efd9b83e22da5b5b2ec70cf2027f0a5253fa244e5ef632a17890c2c3a0cb82478a6759fe4829bd1d26789fb24bb490f7e900db20baf8b54d180948e176b83aa5f254ce40c5efcd43e428be39c43bd3bd63b7165f26d2af9df4cdf8cecd0d2347261fb796bf2bc992d47da3f4e863d4554418edf68583b0f5cbe3e67011f852c23d4a1df65db0ba370debaaa12cb0288bcb96a5512fb650fd006cf81a22af1a9534aee0b889d5a69bab517f6eaa393cd60c55fb10aa6259dd9fc2c3fbd724d31028fe9047e400e66db6967d81313805c9ce8ffd734f9ce63a5f1ee4d22b8cf41fc8da017dddd12e32597ff7e6a98c8c3c4f4310cbd4bf53f0320082862926c500af799f70daab8ea4376c1de49919f8d264b9d982e17367af5b75bef5ff5785914b7cd4eef963734c28151d58d5c52560eab176b89cfc0b3092e8e6ea90ea8ea5093eed17ed22da166feacf385cedb179a473bd4980b762c10265554f6218ca3e942bb8756274a824002b4149b163312fcfe2fb19cfe1b7b2b4bb6538dde8cebc539fd1f8fb36bd782420284673700b14c6ffebdc6109fefcc9210899ccdb75af31a841b0cccdae7e3074dbbaf819d13ebac32ff7f0eea496f0a89e26001d1a75bfc2bd7ef43736210074ba85d85e4b9dd6c628c5b34bfb8fd053cca6a7955da241045ea8af1034597eea06bc66c7f6ec655b0856dfe4949aedaa594744f5550a59f9f91d8f2353a60b112eac9c9d0dfae68c1a11f6a32ec4fc896cf114255f589dc80d096c981da68cbfbe406e3aeb9a29d964627f688c8213388aff7e894a1e9d7af3c3b746243211a747d8434efbc8fede12ceb7aff290f1bffe2d802e6791435cb1e013dc0291880f6757be6c7b1e38b87a076b951610c4d2eef20543aabb9729e143337d0ede2b446db0ed7ee0b7cd3eb08cf1a073c5716d119efeae260d699540b1cc2e4de325875accc5a088d96657f768836c5ba33c394398c81b61074e7269df13ba717904a4ad8699e4725e8eadb932f2a53d0204e6f4dc7e2b2088d7f4bc86766d82f96b7af4f956d0212948f6558e6f001d34b676f4296b815d3b9b5613823c86804fec5d19037071cb6160451a938fe900f368cf1cf5d17fbd26e986c3fe12ed00e55b7a0a9e3929ff2dd88b4b5ca642d26cc56191d9dd624ab4743b574233ad9ae5f20b1f348bfab59951ae46d8730b365632942d710f084f9b428e4eed6a46443a0d1fa4973778f0dc4b2cef93538b8b6e07470556bf33fdc69b1d97737aeee13e35d22bc4b73aa4957d0de28e4f4ebd91b7023efe9b6c13e9e6aa569dbfcbc6e3b030a56e8cb017ca8126dec1693eef40588ac6bcd59fef2d051ecd59dd3b905bce8d73050bf94b30fa498c29c0db7d363479dd7b6f5890d5fe6096a469b01d51223d2d684c894ff788c3c11d80756a5c2a6404c1d4cc8f52c19ab7224c1d8e4db98221fc334cb0080ecb4e0460d11d80e88a8319209ae78b341dc40edab60a01682344e5541d1d93ed124c874a1e6cd1392810b23386dc40223733fa7cdaac4156cc2e08a1d45eb00f7c822736d83878805b525429e1051f834acbd5fbc6a131676130ca0e0cf326175ca04590990b40c36a10c8bc96c19e9458264c3b6132082dc5976381aade27900f7016dc0770f466b0d19a4e0159420060d199d46380cf490eda724d973502c809691e3db26cc893ae6e258ce4516b273306f29d6bc0775fbfd2751950be17e58f2628eee34c552ead8f8858b6b4d25aeb8ccfa6cfa9a87aa22abafa40106e04aefd8854dd859ece33dc2c066286a98cd9759d3bde588fd37520da726da5e5aab8f34a8ea7b0ba770d2afa07a4440e8a68aa61cee25a222586011cfd92f97628ed50c6a407b81ee86cffc30084a5f58899a8c2e4cd07d85c3e21679254a0253687b592fa8a0f52b85ae58989ff1fea06130ebeadc71824d5a96ed2d5f54275649dee4bbefcba1a0074671249cb23ecbceb5ac332917e56bade0849e2abb49a29efb4cc9f0dde0769bf9f64c5dc5f5252e751b3c466ed730f85f55d95039aaaf0573944950ab9b353767fe97a8d22879116f6d35481ec69d84835a59e8dc0ac8806d65a8e28d9d7be550691b9171749257cf2a117d02172275a6236c30d4c31e04d69cc0e646160aaa990c6270e3a07086b4cad541bc135cf63a258dc2e3d07d06b9adecc2b2eb10a9a32066a518abaf46812d0761ef37f47fa0226e342d53e4806926b3d3c188e9bf30170759e68e7d6cf91ca76c158da5c05c54c5c407c2ec949b739385f29224c60f0063411b761bfeda9f1b078c7c8e4ea4728c63a071eb554277f9fcb47f0bf68b28f6dcd80769328acb901c8fe223d4559cb3f575f10fef97294d1af72a78edb903bd0ceebd6d15dda21a73b4f34c387b83139148c6ecee51e888bfcef7dde61ea2f3e9a232df5bc2d351b464c212494308de67db349e4416c877c5fd2bfc3f900f23c501c5504be4301cbb020f79d55c8983c873eb7589593cea888c49832f8e4b0481c4f5ca2b1d74e3f8f23aa6f851bee5d6c11020071798a5fc0d464d43d892f4d2d99544ad76e384a9c927e60ed0f5b671869604a2a90f1c3c264222cc7825adda8253029d4c6493ae6d48320b6adfbc095fc7d96c457f6a7fc50171e2821dbaed2fa09083ee6f30790eefca76d3b6263e9f7522ab338289961334ec61fd44ecd1a3881875fb5f651f9ed6d86c075b0125733a963e3ef50b0b9d7d68f3d186a5fd55cd7ba97bc6761d987dee5a033229080f4226e86f0c4abb69e078fb9113230490e8281dda3cc5f9421c5173d34b014811f87cbd407dc21d5504c959bb68a591a5a60353f04af18eab69d8dcc32e3ade0fa3644b98ad21fa9b78aa73cba8e649be991aeaa49583595fbd42e284679c3d2c73fa3ebf67c48e9428720ef6e966b8fe3b218f754ce1c4c2abcad19d317bd0dca115b2131ec51146450d3778ec8727e619eed3ccbb8c1f5348b7c9f0e455829da057d93a0d4ad9c478f3cc17cd4f9fa9d04d8d371bc0269222f7ab0810df9ebeaca74931da31e2641f996e973a5c3fea4fbca3d83ae379ce07b48c836c791a258809829baf3326a8879508830fb5e7b4f1a7905ae6612099423ec547964badc04162161d0f4b68b0bc43fd5a6773447e2a4100888a14d737f82f1c6d1d77c3767b3d6b94d43879794d12dd9bca27d9507a2a0688d09952ff79d91ff66e5d1a82b5969a7d3d64e9b9235691e0813b299c7db941edb221d6ede8b126f6df3a2e10ab876bd32d5552513da4608478513e700bcfbc11111b2950a672b617d55141ec9d7f3857ec12deefbfea5ae0c1f77d962cedf9e330dac821c01a69c1fcb5fa135ba34810b7431968d7784614f4661a7768cb754d1d053d146b71458afda311b0cad76526dc17ce6ce066cf3efde2b833035a1d2db683fb0a4b2e6a634dabe2d6eef166b3f5760abcf0d32cb23146fb6e272556e62f5da06fdb9300e7401815ae8d5eec0fc46627220b25c0e202847a4e50c450854d8859587b3316b481a613baa1d674821221270b23592c615aef1b4c8ff039caf9f3d64f51ba19389def9b14e7b969fc94db37d0686caaa69b6cb3e8fd5f1260f45bfc66a77e5ac40a894a6bc265284e376d8ab666e4423a19e3ca1739c862a79826986ea3b077ac86c16236ecc90f39d42e712d1a002d1ebc66f7e8f0f06f82497bbd48c79cae891aa00720fb7885a7042b7641cb33e612a74673942d4648de9410a3d7aab9fcaeb131928e71a68bdc12ab9965877a682ff1b5a24cd15a4db207a1d97936b10301bacebf5a49b56e3cf3c8ca411783a656ea7592fcc5c1be214014ca5273bac41008b3e49cc60060633109221963a7abcd37dfc2e5fc1a9507d0ebf94a19b62ed0c2a04327f59af62bb730ec79f1e9ca5010c090637744afae668bf02ebfb0dd99db7514a355118ce8fd209b5de4593e29ee84a38cbb77144f5eb4757a0e2eb340f1492cf44a147c21ac5d0bb8aaa5d8c2374f0775acc3eeb3620ea482e6835260b1dd5a4655a45c36e0129fe680804c42d36011dd61f351dfd3272deb073af69c7cd6e9ad7e8a6eade63335e09f597d2fc4433d84da3c6537c8da185ff2f22ac54cd5561e1c991a7534e662e07b0b3e7500efa29d5d2eb89cf83bfc40d83d923d8032a23fcc0ab139c4e69098649192c5f83764ec4742999f17bbe98a5c8144a30be588ee9f0dd275655a7ca1cabacfb877232b4c683c4d7d686e1e8e8aa832a87148908dbd6141721f9e58d9b0e9f52bb37ad3468213c8adaeb33a38a75b4d18fcf3977e55def7a4257047e102ec630fdfd7e43bc9abf8bb459e9076f0e5417e42033331eaa886d9b585d6809fcf10b6c56c977db89b9acaaa05b587ecc0595a684b0aa84b214600d5891ac8dc13e4ad4fcc29e9368e6f562ab661f1a09ab9e9326e74f896caefe5bb0af79657b1e092082fbfe70c91eb6308e39add5ff91d87b80faf00"}) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r4 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r4, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r4, r4, &(0x7f0000000480), 0xa198) [ 2580.778463] kauditd_printk_skb: 1 callbacks suppressed [ 2580.778472] audit: type=1800 audit(1590777687.621:1092): pid=29597 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15847 res=0 [ 2580.879917] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2580.883809] audit: type=1804 audit(1590777687.721:1093): pid=29597 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/717/file0" dev="sda1" ino=15847 res=1 [ 2580.997355] audit: type=1804 audit(1590777687.841:1094): pid=29601 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/717/file0" dev="loop0" ino=1 res=1 [ 2581.115961] minix_free_inode: bit 1 already cleared 18:41:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x105100, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x16) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) chdir(&(0x7f0000000000)='./file0\x00') ioctl$KDADDIO(r2, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 18:41:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:28 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0xfffffffffffffffd, 0x200802) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x80000a) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) open(0x0, 0x0, 0x0) r4 = creat(0x0, 0x0) ftruncate(r4, 0x2008001) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x60010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x11) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0xe) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:41:28 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) fstat(r1, &(0x7f0000000200)) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:41:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() dup3(r3, r4, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2582.069244] audit: type=1800 audit(1590777688.911:1095): pid=29639 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16214 res=0 [ 2582.097714] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2582.154253] audit: type=1804 audit(1590777688.931:1096): pid=29639 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/718/file0" dev="sda1" ino=16214 res=1 [ 2582.237820] audit: type=1804 audit(1590777689.081:1097): pid=29651 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/718/file0" dev="loop0" ino=1 res=1 [ 2582.326220] minix_free_inode: bit 1 already cleared 18:41:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x10f) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$KDADDIO(r1, 0x400455c8, 0x6) r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ocfs2_control\x00', 0x4200, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x13) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) ioctl$KVM_GET_XCRS(r3, 0x8188aea6, &(0x7f00000000c0)={0x6, 0x3, [{0x7, 0x0, 0x5}, {0x9, 0x0, 0xe3d}, {0x7fffffff, 0x0, 0x9}, {0x7, 0x0, 0x5}, {0x8001, 0x0, 0x80}, {0x2, 0x0, 0x800}]}) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:41:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() dup3(r3, r4, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() dup3(r3, r4, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2583.534945] Bluetooth: hci3 command 0x1003 tx timeout [ 2583.554258] Bluetooth: hci3 sending frame failed (-49) 18:41:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) inotify_init() inotify_init() ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:30 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) fallocate(r1, 0x39, 0x8, 0x80000000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) r6 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r6, 0x202002) keyctl$chown(0x4, r6, r4, r5) r7 = add_key(&(0x7f0000000000)='pkcs7_test\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000100)="df", 0x1, r6) dup3(r0, r1, 0x0) keyctl$invalidate(0x15, r7) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:41:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) inotify_init() inotify_init() ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) inotify_init() inotify_init() ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2584.424778] Bluetooth: hci4 command 0x1003 tx timeout [ 2584.430113] Bluetooth: hci4 sending frame failed (-49) [ 2585.134677] Bluetooth: hci5 command 0x1003 tx timeout [ 2585.140002] Bluetooth: hci5 sending frame failed (-49) [ 2585.464658] Bluetooth: hci6 command 0x1003 tx timeout [ 2585.469975] Bluetooth: hci6 sending frame failed (-49) [ 2585.614694] Bluetooth: hci3 command 0x1001 tx timeout [ 2585.620264] Bluetooth: hci3 sending frame failed (-49) [ 2585.854699] Bluetooth: hci7 command 0x1003 tx timeout [ 2585.860026] Bluetooth: hci7 sending frame failed (-49) [ 2586.498046] Bluetooth: hci4 command 0x1001 tx timeout [ 2586.503541] Bluetooth: hci4 sending frame failed (-49) [ 2587.214630] Bluetooth: hci5 command 0x1001 tx timeout [ 2587.220897] Bluetooth: hci5 sending frame failed (-49) [ 2587.534646] Bluetooth: hci6 command 0x1001 tx timeout [ 2587.540023] Bluetooth: hci6 sending frame failed (-49) [ 2587.694556] Bluetooth: hci3 command 0x1009 tx timeout [ 2587.934534] Bluetooth: hci7 command 0x1001 tx timeout [ 2587.939851] Bluetooth: hci7 sending frame failed (-49) [ 2588.574455] Bluetooth: hci4 command 0x1009 tx timeout [ 2589.294434] Bluetooth: hci5 command 0x1009 tx timeout [ 2589.614459] Bluetooth: hci6 command 0x1009 tx timeout [ 2590.014417] Bluetooth: hci7 command 0x1009 tx timeout 18:41:38 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$IPC_STAT(0x0, 0x2, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x841, 0x0) ioctl$SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000080)) sendfile(r2, r1, 0x0, 0x1c02) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000100)={0x1, 0x5, [@local, @random="8cf213cac4d4", @local, @dev={[], 0x3d}, @random="cb7f8bc8d1ab"]}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) write$P9_RXATTRWALK(r3, &(0x7f0000000000)={0xf, 0x1f, 0x1, 0x3}, 0xf) r5 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r5, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(0xffffffffffffffff, r5, &(0x7f0000000480)=0x81, 0xa196) 18:41:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = dup3(r3, 0xffffffffffffffff, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2591.767324] audit: type=1800 audit(1590777698.612:1098): pid=29738 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.4" name="file0" dev="sda1" ino=15794 res=0 [ 2591.809401] audit: type=1804 audit(1590777698.632:1099): pid=29738 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir136762549/syzkaller.XFJfnY/507/file0" dev="sda1" ino=15794 res=1 [ 2591.829183] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:41:40 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x18100, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000100)={0x0, 0x0, 0x401}) ioctl$DRM_IOCTL_GEM_CLOSE(r2, 0x40086409, &(0x7f0000000180)={r3}) r4 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r4, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r4, r4, &(0x7f0000000480), 0xa198) 18:41:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = dup3(r3, 0xffffffffffffffff, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:40 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x2000, 0x0) ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f0000000080)={0x5, 0xf2b, 0x8000, 0x2b57ac6c, 0xffff}) 18:41:40 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, r4, 0x1, 0x0, 0x0, {{}, {0x0, 0xb}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40020000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r4, 0x200, 0x70bd26, 0x25dfdbfb, {{}, {}, {0x8, 0x11, 0x8}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2593.667232] Bluetooth: Unknown HCI packet type 00 [ 2593.672281] audit: type=1800 audit(1590777700.512:1100): pid=29766 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16244 res=0 [ 2593.700870] Bluetooth: Unknown HCI packet type 5e [ 2593.709886] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2593.726959] Bluetooth: Unknown HCI packet type 43 [ 2593.748976] Bluetooth: Unknown HCI packet type 5e 18:41:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = dup3(r3, 0xffffffffffffffff, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2593.769968] audit: type=1804 audit(1590777700.542:1101): pid=29766 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/719/file0" dev="sda1" ino=16244 res=1 [ 2593.816647] Bluetooth: Unknown HCI packet type 50 18:41:40 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x7fff) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) ioctl$FBIO_WAITFORVSYNC(r0, 0x40044620, 0x0) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2593.840400] Bluetooth: hci4: Frame reassembly failed (-84) [ 2593.849285] Bluetooth: Unknown HCI packet type 5e [ 2593.851522] Bluetooth: hci4: Frame reassembly failed (-84) [ 2593.875670] Bluetooth: Unknown HCI packet type 40 18:41:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = dup3(0xffffffffffffffff, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2593.909413] audit: type=1804 audit(1590777700.642:1102): pid=29782 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/719/file0" dev="loop0" ino=1 res=1 [ 2593.944991] minix_free_inode: bit 1 already cleared [ 2594.023043] audit: type=1800 audit(1590777700.862:1103): pid=29798 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16244 res=0 [ 2594.058088] audit: type=1804 audit(1590777700.872:1104): pid=29798 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/720/file0" dev="sda1" ino=16244 res=1 [ 2594.060106] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2594.129469] audit: type=1804 audit(1590777700.972:1105): pid=29808 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/720/file0" dev="sda1" ino=16244 res=1 18:41:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = dup3(r3, 0xffffffffffffffff, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = dup3(0xffffffffffffffff, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = dup3(0xffffffffffffffff, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2594.287744] audit: type=1804 audit(1590777701.122:1106): pid=29808 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/720/file0" dev="loop0" ino=1 res=1 [ 2594.338288] minix_free_inode: bit 1 already cleared 18:41:41 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$IPC_STAT(0x0, 0x2, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x841, 0x0) ioctl$SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000080)) sendfile(r2, r1, 0x0, 0x1c02) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000100)={0x1, 0x5, [@local, @random="8cf213cac4d4", @local, @dev={[], 0x3d}, @random="cb7f8bc8d1ab"]}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) write$P9_RXATTRWALK(r3, &(0x7f0000000000)={0xf, 0x1f, 0x1, 0x3}, 0xf) r5 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r5, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(0xffffffffffffffff, r5, &(0x7f0000000480)=0x81, 0xa196) 18:41:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000100)={0x1, 0x0, [{0x40000000, 0xfa48, 0x6, 0x0, 0x80000000, 0x4, 0xff}]}) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f0000000000)={0x7, 0x2}) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:41:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = dup3(0xffffffffffffffff, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2594.679441] audit: type=1800 audit(1590777701.522:1107): pid=29842 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16244 res=0 [ 2594.710912] minix_free_inode: bit 1 already cleared [ 2594.732503] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2595.018600] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2595.693870] Bluetooth: hci3 command 0x1003 tx timeout [ 2595.699224] Bluetooth: hci3 sending frame failed (-49) [ 2595.853935] Bluetooth: hci4 command 0x1003 tx timeout [ 2595.859338] Bluetooth: hci4 sending frame failed (-49) [ 2596.813859] Bluetooth: hci5 command 0x1003 tx timeout [ 2596.819235] Bluetooth: hci5 sending frame failed (-49) [ 2597.773723] Bluetooth: hci3 command 0x1001 tx timeout [ 2597.779242] Bluetooth: hci3 sending frame failed (-49) [ 2597.874151] minix_free_inode: bit 1 already cleared [ 2597.933760] Bluetooth: hci4 command 0x1001 tx timeout [ 2597.939080] Bluetooth: hci4 sending frame failed (-49) [ 2598.893718] Bluetooth: hci5 command 0x1001 tx timeout [ 2598.899095] Bluetooth: hci5 sending frame failed (-49) [ 2599.853682] Bluetooth: hci3 command 0x1009 tx timeout [ 2600.023755] Bluetooth: hci4 command 0x1009 tx timeout [ 2600.973506] Bluetooth: hci5 command 0x1009 tx timeout 18:41:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xe) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:41:51 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f0000000000)) ioctl$KDADDIO(r0, 0x400455c8, 0x43) 18:41:51 executing program 4: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) accept$nfc_llcp(r0, &(0x7f0000000080), &(0x7f0000000000)=0x60) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x4008b100, &(0x7f00000001c0)={0x18, 0x0, {0x3, @broadcast, 'veth1_vlan\x00'}}) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x600, 0x0) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r5) r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000040)=ANY=[@ANYBLOB="01000800", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000180)={r7}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000140)={r7}, 0x8) ioctl$KDADDIO(r2, 0x400455c8, 0x0) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) 18:41:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) r2 = semget$private(0x0, 0x2, 0x2) semctl$GETPID(r2, 0x3, 0xb, &(0x7f0000000140)=""/48) ioctl$KDADDIO(r1, 0x400455c8, 0x4) ioctl$TCGETS2(0xffffffffffffffff, 0x802c542a, &(0x7f0000000100)) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) futimesat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={{0x77359400}}) r5 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ocfs2_control\x00', 0x44000, 0x0) ioctl$TIOCSBRK(r5, 0x5427) 18:41:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:51 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f0000000000)) ioctl$KDADDIO(r0, 0x400455c8, 0x43) 18:41:51 executing program 1: r0 = socket$inet6(0xa, 0x80002, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "000001000000004f080044d44eeba71a4976e252922cb18f6e2e2dba000000012e0b3832005404b0e8301a4ce875f2e3ff5fb39c030000000000000000000000080101013c58110308d9123127ecce66080000000e5bf5ff1b0816f3f6db1c00010000000000326d3a09ffc2c654000000000400"}, 0x80) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8914, &(0x7f0000000000)={'ipvlan0\x00', r2}) sendmmsg(0xffffffffffffffff, &(0x7f0000001300)=[{{&(0x7f0000000080)=@ll={0x11, 0x9, r2, 0x1, 0x9, 0x6, @link_local}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="fadf10724c36d63fc989361d3a1d37b8c87fd85b6dad7fbafa9c597581126ea2baa6df56019e7f3a65e1621471f6e3cef10b377425d48527427eaaf551d499f41f7eb198f05c124e2b3281bf42b3d94f68056f18aecb514fa9c1622619d721d483ec4262de52edcbb7545c5e0c369c153c1bbc9a4fd91995e599c04c7fa35b6492ed659e273c300b3697a5ba4910d718e61be3fb80354ada119cb049026fb4985a463e0e55416a4e0d3d681067e51ad783d478ec63e23dbabf046aff168c7ea658fdcd227d4b0e7d59ac3dc19d31d813c295386647a9631cef8ff62d2f6b6ee9657f501200968d62cd3e4f342a2ddba8196e3e287fc73697c29ef5e0c0ee487fd18425f63f67bec3e30ed74a67d06a0621d28448c2b87ed5e9cbae51ce724c0320eea4629d9112776d548c48f7eb928b823cdc91cd2ffa30fe425cf521bd4bd0528afcf266dd106dfd8b9476dcb055f8c4500e547639cbcbb5db3c11d125d64e7d368d083224731f84e71df2d77a57c8d791e609a663a1983689921662881ad2cbe75da88f0c3d6420f958e5df829cf4e97e0c7f9efed70d50956f764b09452c884e6947cf5ffdbb37d3e0187b4af84fe62c5c1345fa132f8cbbd520ea46900772f61cbc822748c5f388ebf8d40afb556aa220e570193ae08424d08b271e0fd4c4f4b466139849dc5d454f38c213dd069b77099baa70109dfa9f2fab0a38f79247e39018f8ff261559178cd40e2f9fc7c06538ef05ab10689228366641e35f284d714e275c82145959987770adc213964c7c0385a91c38bcdedd7af67c7b45b470eeb41dc961d6a4b364ff6afd93b5c0aa19112311a3949683ea8b489fe9dc50d8d5c25a8b4c799555ecf9772e08de9ece5591fbb5b2df6dbbde5c9f04451c126eb6e7e7a8259d0779989e030d45560bde025c827d15337fe2cbefaaba7976bc739a17fcdcb14c023fd255b12a2458ae32f766171221aea67d9af9f9f09d1e7c3c298f3a6533c6cb83e91ae257865bcc232f906b969cbc2d5fb4d46a9b306e8d42cf414722a12471772adf1a9cff37f5efa7ef359c5d725a780e8e52a877ab374dda855edc15bf1dda62b0969024107a66bfcff3fb36b9e619c416a3618cd5f8c48d88b63b14286915d0e9d49719f621bd85d896d0bf9f03e94fc6a7dc1cac78169d8e041b367f06fb2e12a42358245e23ae1734e500f89843a844c05846138744d010508acf6778a45b35f21809effd225c1d851309226260033dc8e97b0cff8c72b72f8cc8294cc24826548b97d09e4f4b47b517a2569c49d68ebfc15815a896daf5c3608d82310a7641cb5a10713b0c81ef8d36a77c01de7be426d70073d6e5bf00993c8640338e9b8dd0744865f60e2232359d06cbfc5416007c6a725927b380d72078d400dd27b79ab4ec3724580c4e4fe045f9ae7506e7a02b23e22cbf4359efbf949a19aa2e59270a9ca0c79164a9edcb59f0444cd9af839bdd212c8370837c521a44fcad6e05bcebae5ce23f9be472f8cf76f4ad8ee55b11f3a6eebb1572ecec2e199cfd49398889baba2247f01f3939742bd37aa52ad91cdd1aea6b42b4c70f330b1652b0cf7c53eff80dd3ed7dc015fb9b37faa0dbc176d578313c6f7083790827637cfbd773eb8bfc11597b90f7614cc484072a3d3ea3cfd04c418d04681116ee470a0049408c537719c0c2a7fe0666f424061b96bfe0b437604a10cfdc7adaaf3cd1eed8f3122fb59e412c77bab54b1bf4fc12ea3a9216915bd3acf50ada5b3a0d4595f2190dc1c07e372a0f035436ac53e3a81662542d63f397f2234b2b9191fced485b99ca4f7c905eb7aa7102e143419745275317a7ba1d03baf4e352ff1fbbc835f392db2238ed50b201ef12efd7725b62436f581c1de9240edd2c959af3e76bd76dfff8112a9cdd6305a7894aa174150bd88b300066f17022757e164e3449aedc56c16a41ed95512a12a7c346ecf23016c772dedfc5f1d1607533fc2924044dca8ab05990cc99efc247065439a72b4dccc17f5008377528f609941397ccca7f353ce261fcf32f70f0a4384d120f868ab2450999d266ff5e90d3f888d5ce6dc9615088d8eaa43582a72e54f084fd129dd52ca1dc8d3cb52bb4e4a6467d7467b645393ec529e730aa1ff4ab227db1d7571b24b2da66d76914121fd363e2b9dd5e5aeae2bd659f9e0019e2b182d20e93db692c8270cac352751eb743ad882276cf32d2f8c7600db12b26ed2a8058cb1b10de3570fc4d7b5fa1d1892268e6f0b49a12fcf75c8f4075f5735dbd728f4869ed53789823da3deae03752c43b23634ca36e32e228d1c7f856190f41d7069381235e60f19e8b6d7006d5a664c20742996035d3b2213ac1058cb6d36e03721ed29232269ba3ff7e87af61ae33356dd5a47586544a390a2a7f65473042093f6b4670aa0f59bf7ce65f7124b7b46b582862365a2f98f991e039ecdc51e8f4230dc80da423c75d501ce0a4f22aa75c18e8790e7448182cd99f9530bbac45f30b017b91f383dc0e967628bdaf8706c110c4bbd8a05cb005517f972cbc1025395806bff9f41aca97f4c5eaafcff65d8b320fdf82b45c3fb12669057eecd96c8ec87c1e89ba6c640f58bbe15d2131c785bb6610b103f84332bdcbb38ab1d4de58143ad35db0755125c083d86818bf894e038c35b249ec42e89f6b9ca18aa855a67e64fa91cac14a89e3eecbb34bfd6240f6c25cb616f03b13d779bd2207c4b9539a7a9dfba4a52bce3e23e6146ae36808f7598aa900321eadce9c5cebb409387dd7e2ebaf4d12844ba0fc9ba1dbc646913e891a23c76c799aac11388983cc7bfa584b5879fdcd0d78be83b19a620f4d1218285a9397557c572aea0ba3ecf97ee104443545cff49920644ec78c3950bfdcc0d681b1ced5e5d902c5e61862e7d418d1974f6e1ea9f5836c51de28ffb499fb08c5cf214a7df2b43b2a4791dd24e7e18844acb4af5539cceedb94b963931fea03303263c2f9328ef688660052cc53453793bd2cd5b5d2a90926dfc5a98438c011f2992e479332b6c55e84f24ac9415b5d97679fdecc5d0dabf2e1ba59cd55ddc8f5342d64c389aa969419f1a0757dba0b12d23aec87ec888f371b8eac2a2ca0444e14b0f89c02bb0fb3185a722755f8506047dd229855f9eab87c933d79445be1238559e22f3a56129853b4b11c9e4d24bfac7884b80a04071d170d30e78f833df1ac8d4cb0ee483ac410686dd012c030eaba8db933f87bd6b29a6d521f2fecb7a8b9bb991a2da34be3b40fbc7c59ff4807462cc0279561bf62360bcf16532d4133cdaa9eb6a38763a53dba79e8a8bd08d1d3744411da43d01cce3abc8581ffc9015221fdc782126c830c5065a8872bec7fc226e79f07c8051e461587588d6409f36b5d8886bb2429a0529bd6cfbe90c6d1eb8d48112a267baf0e53e8a755736b3c1a1cfb1d7e8477b071ce93c65c1e5ae77eee99c9d2e26677f23a2268fb39211cc3d63230b9a95442c1cc638a8241da17abc5254ac1c23fe81b3119fb765984861291ca6581f464875a063b921fc3c0dcb5501b2db91d44de4c9eb2135d940f8075c368bfcce17ec5401fd1e93b29fddbed5032787f2c6b20d87a4bd6d80a19ba94babfd7e0c618329d4f768a9d06cfa25807ce1e65ce9fe6858fd6020e9788622b0d983ac14273f7ebb9d74a11ab7899adcb78ac2f620a153f9fcac7fbc1e563646bc9c069052edcbfba343a668544ff46221596e7e661330f45a0258447016e3090fccc780a8deb36a8fc5b715ffb596289077e09277507c9525070cac75695f3360a3ac66650c340eb78d089ddb817f1c97134ea6c600b6ad462b3b05f4e8d4b40e7cc57c96bcc77440676ad32ccde48998b05d9c2d034086a519b4a94337446f25858018621c3da66fb5a57d3f1ec25f15d27722ce74542b3d49170e8b8f5091914a5d850b25ecfed1430ce68a7e2bb624a55485b189953ec49fe897f77128ce6ec34338fe0847a4aa1a1ce296a6198b65314d0cb7f94c5dbc9bae57e2a55fc3b3609747867f29b36ac744f335634dbafc6a33fc95f8b051ca166ce4e9c2427fa7b66f469261a7dad70dd872baca0f01d9ec23c3fb8c84911da63271e2dfdbbe03c433932c91543cbc2f924cd4f489af1b8912e376cc4f606be5089b293c9030040ab056ccdb3c1433af82dd398290a3748e57e97821ffdfc70f9d053df0b39ee90f34756ef6c5bcf7ce9df9ddf11b332dfef945ce7b1e1ff9d94dab726383cd11f472a026323d0df39102b11651f018e04837e7c362f16c30d50cec2100b08210edbabe9dd5814d67a31afcacf36e3a3e2e7873ec8a498f2550f69ef846bb9ee9203ff9c9ed966b777cc3f649723d7b130aef77277fbb6944618fa53b07df2621bd4093553d99b016ee97da65adfa61868f027b956b3904d4a09095fb4ccf7436f9285bd8e9fabd606dd8fcb298a755a72fb935f8aff95c98349e7a1e6405baff57f8854725518bf9b786af7c0860489fea211d9184fa519ced191ad307a56332b79d3a22f587ece51cffb014c40947cad6f0d10810c538b0b35ba1336fd94d3f8b1ebad7342da3137d77e1452262d4e8577d9a889ffb2fbf50131e00b10a2afff57fa22481d59de5b0ff3d61088c1444f286ea0092c75204f04d781a759550cc9cae9cf3f761a8f94972e87da01d47a56f8470bf5482d768a2a91fe571a77cb6f3ab0f20a3fe99f69034236cecd0444f46cc5d0d1a644b852c16072d8dd15300a313418355261b1ef9debeb3fd56e4f898e01f17b958d6f92dfd1369b64f9babd4040d91726a0a57d1872b0426f2f4199b7ee9e57e28cf4d5905d07ddb571618fa68a73e40449366a517251027ff7afc4c64b08e93731e17a81f6944cbdc23b92731a79cbb385528d1e04e8e20b2a1cd66a42322d34751f351f1e9826733a10e3a1d9342affb9c368936166b4261a339535f1a376bd54b5955ff5ac120d066a92beaaa3becdcb74f51acf8029a5015a412d8f67e73f23182ee4c2879f148901ef55953b53cb70b0197dd770aab1909df248616cef3d738a8864ea0d9214ef656d9d4f37775017a95f69c7700f0b4c56ba049797a4ec3f873344bb696e0b9f238c1e6f28f3a1857ec87ed2c691da6c1ab388ae6b474c166f02bd60fbf648f77d2b3578df4a8f6b07a041a9a06c7f07dca2457f087db019f6b4e608f71bfb5ec24599548c78bd9903c115f4f52ab567a20f8619026f9a998f4e65a522cff5e11383cefb9ee184389fcaf8285174f3d52a2cb92c712c5c00d05b977db8b5d94f99af5b27d1d2d80b7bfdc5ea48239bcdad0b76016333bfc93d0c4f3448a60fd610b21e8a63f98e7cf02d0056b6331797040da497c2f263e6994587c7fffb7fd82cd314d0bfbf650e75e829e60ec733903671fd651748a6567be5d3900e6d3f84894fdef5d5afc96fab6106783c33c06374dd4745d837294c0dab914ad380b1bb4caeb527dfb5fdca9a96271acbf12f4fee4cfabf795569c1d482a0ff7a1fe7e735e49d58eee262dbaa0631443afccbc24d7673416e277705f532314001bae44a771652378a48674f82faf71dd7c42040522f0a692532bc76ebc52288cdd340e572d3449e4f54d14c882d3a50e4f83d456ba285bf77336ef4cb7e9b2ec4b56dad936b6c924397cd017ee8ce47bf28e41be8519df97fb35ecde10b5acdc8fe94fc5c5396eae5687df6338e7fa137c79ebf9bd6fd26739b2a6ff7722494a373f5532978271d637678b574b84a70a90a259baf971647fdf3348543", 0x1000}, {&(0x7f0000001100)="0c82024474d74a318f16026abe0e4739453488721abf40816b92037f040a57b38b4a3a2bf53387eb03a5029e42277a127379810bfc793e1c0e1fd916f87e59aeb9e07b313f43e1361244c519da515a10aa2bb084da7e460a472c55ec640ff03ed74fec302feac5abb9be3f21655efaa24f0d073a057badeadb7687ee82c7b5608be26344cc709e335cc7b83b3f6998e81aa83f5a99fa82afe69c6b404f468d35472df0bb71a11a6409069f76940d283c9b43bd494fd8eb7510f3b0c4b664f1c563bb", 0xc2}, {&(0x7f0000001200)="82a529713d4d628ff6ff50f77d66360ce36d985a80010c459833a2702da9b14269d29c08f8d4ca3aef9a76099649207fe3a4994abf7748110b3502258359be4a0abfe719d6ffaf82087f4fe5a750af50ead9ae654fe03f760d438fe0550b982439", 0x61}], 0x3, &(0x7f0000001280)=[{0x48, 0x29, 0x1000, "99cb49de678c9ce4c9ef790df252aedf114afddc732d4efe22646776ed71b1a23ca9f97eb99a40feade2687ee9b03ad4b8731cb9119b014e"}], 0x48}}], 0x1, 0x4004) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x0) ioctl$KDADDIO(r3, 0x400455c8, 0x0) 18:41:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2604.548900] Bluetooth: hci3: Frame reassembly failed (-84) [ 2604.567600] Bluetooth: hci3: Frame reassembly failed (-84) [ 2604.677592] Bluetooth: hci6: Frame reassembly failed (-84) 18:41:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) ioctl$FITHAW(0xffffffffffffffff, 0xc0045878) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:41:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:41:51 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f0000000000)) ioctl$KDADDIO(r0, 0x400455c8, 0x43) 18:41:51 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f0000000000)) [ 2605.114218] minix_free_inode: bit 1 already cleared 18:41:52 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) 18:41:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2605.212011] kauditd_printk_skb: 3 callbacks suppressed [ 2605.212021] audit: type=1800 audit(1590777712.053:1111): pid=29948 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15924 res=0 [ 2605.254667] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2605.269413] audit: type=1804 audit(1590777712.083:1112): pid=29948 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/722/file0" dev="sda1" ino=15924 res=1 [ 2605.386636] audit: type=1804 audit(1590777712.233:1113): pid=29948 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/722/file0" dev="loop0" ino=1 res=1 [ 2605.454110] minix_free_inode: bit 1 already cleared [ 2606.573088] Bluetooth: hci4 command 0x1003 tx timeout [ 2606.578389] Bluetooth: hci3 command 0x1003 tx timeout [ 2606.578425] Bluetooth: hci4 sending frame failed (-49) [ 2606.585222] Bluetooth: hci3 sending frame failed (-49) [ 2606.733039] Bluetooth: hci6 command 0x1003 tx timeout [ 2606.738365] Bluetooth: hci6 sending frame failed (-49) [ 2608.652995] Bluetooth: hci4 command 0x1001 tx timeout [ 2608.653060] Bluetooth: hci3 command 0x1001 tx timeout [ 2608.659525] Bluetooth: hci4 sending frame failed (-49) [ 2608.669801] Bluetooth: hci3 sending frame failed (-49) [ 2608.812981] Bluetooth: hci6 command 0x1001 tx timeout [ 2608.818388] Bluetooth: hci6 sending frame failed (-49) [ 2610.732767] Bluetooth: hci3 command 0x1009 tx timeout [ 2610.738054] Bluetooth: hci4 command 0x1009 tx timeout [ 2610.892792] Bluetooth: hci6 command 0x1009 tx timeout 18:42:01 executing program 4: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) accept$nfc_llcp(r0, &(0x7f0000000080), &(0x7f0000000000)=0x60) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x4008b100, &(0x7f00000001c0)={0x18, 0x0, {0x3, @broadcast, 'veth1_vlan\x00'}}) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x600, 0x0) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r5) r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000040)=ANY=[@ANYBLOB="01000800", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000180)={r7}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000140)={r7}, 0x8) ioctl$KDADDIO(r2, 0x400455c8, 0x0) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) 18:42:01 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) pipe(&(0x7f0000000180)) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) 18:42:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r2 = inotify_init() r3 = inotify_init() r4 = dup3(r2, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 18:42:01 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r2 = msgget$private(0x0, 0x0) msgrcv(r2, 0x0, 0x0, 0x2, 0x0) msgsnd(r2, &(0x7f0000000200)={0x2}, 0x8, 0x0) msgctl$MSG_STAT(r2, 0xb, &(0x7f0000000200)=""/99) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2614.749306] audit: type=1800 audit(1590777721.593:1114): pid=29980 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15943 res=0 [ 2614.799326] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2614.807792] Bluetooth: hci3: Frame reassembly failed (-84) [ 2614.823511] Bluetooth: hci3: Frame reassembly failed (-84) [ 2614.843424] audit: type=1804 audit(1590777721.623:1115): pid=29980 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/723/file0" dev="sda1" ino=15943 res=1 [ 2614.973653] audit: type=1804 audit(1590777721.823:1116): pid=29980 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/723/file0" dev="loop0" ino=1 res=1 [ 2615.043486] minix_free_inode: bit 1 already cleared 18:42:02 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) pipe(&(0x7f0000000180)) 18:42:02 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:42:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r2 = inotify_init() r3 = inotify_init() r4 = dup3(r2, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 18:42:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) openat$cgroup_int(r1, &(0x7f0000000000)='pids.max\x00', 0x2, 0x0) 18:42:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) r5 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r5, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r5, &(0x7f0000000d00), 0x400004e, 0x0) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002a80)=[{{&(0x7f0000000080)=@un=@abs={0x0, 0x0, 0x4e23}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000100)="ae0b1badff7a5b7e5ef1ac3425537c5d1b183e117294f76e5e2ee653d43b7e35c22fa218744c9f382e1709004febb3405d710e1399c34d598a391306080d94f6b60235b673aff247050184f304cfc644f2405718e6cca4a279a55542785a4475d5880d8a01889417a90953722c051205e84be33a2f008f9684f20866ff19d4e6b1346a114409168f8f832496466a3ed4b65e9064e86bd5f062e97dad5e24854b81962ba4d2ee056fd85ec49ecc371b8e9cde5a3e7f02b30b73d1945fb2f679f72890dbfbf6ef5b6d09abcb4c", 0xcc}, {&(0x7f0000000000)="b8417817b5ef4f0fc12c428f4d4f0143cbc67d5a7ce537a6ad43844bb9", 0x1d}, {&(0x7f0000000200)="bed516528c3af60d059ab25cbc9692e64457fe37a0d65e7bed2e3ef4152bebc630720397c8b43eca8ff125db222eabed46bdf1231c9ca7c24646c9e8b781ae10489fce4be0a90d5b239778574c22edca6765c44c0178007af90b52040c5343119fcec590653ff495f81bbbece2bf10696bcd32f399de119a9223b20654c6a7bef0d87778cdb5189cb70eac840df61b1ab3996f8afad1027f5814aeee32f90e015feeff9ac9b6d602d772fd5f8a78071399bf22a6cebcccdcb8fb138b87c3e93de76a68051c941c9d39eb59c6cd9079ad140dd73114ed7f750bcbe1d328575a00a721e9e16cb3014068974a4f1ae590471c5511c07e28aeae80d1e0", 0xfb}, {&(0x7f0000000300)="07e743071ab73cc833cb4cdd0a96403e02e96f52a7527420bfe09192e9c93bb03dab08d24c11abbea3ffde60182f129c2941fc0b9ebf2814290799a59998b4a68669658617c3dc108bbbd9267638703ec86c34fb4e6e7fca70ec9a5ec7dd1860a612685a928cbe64113c56bfd6c19b58a510bfabea7390e09a73f3eac8f011363b6e84830c43652dd680f9c10a06da9045dd80207a90ec195551cbcf18add3", 0x9f}, {&(0x7f00000003c0)="7824a88223be1e5c099228b4f6408e04b86223b50e79a91d08d9f7f164593e4b05d9163a8d9b606f565d505603e2085e126f78f206a5293447433eccf2d3a37e965ff11161157d16fafdd348d3422c41b1dc8cfa2675ca90d0ecbbe0", 0x5c}, {&(0x7f0000000440)="65fd7be576a9eafe9e11694e8d6819245369d932be892acda3a3aba2a862785a91864d", 0x23}, {&(0x7f0000000480)="76d3cb546227487b322934d499ae47089b191108892c64fdebbae282742254af7723eb33db35e6e7b5e9512fe3e193a913b739ff5e722ffb4b3a86424a4ddba976d775864cbb8473ab47ea6a679133621ce0ff6a95b4ecec871ed682c342b227ceaa2a6519c5ea1fbd24822c76a728df0def1cc6c2aac18888a08d7c4f6c5b39f97578e8432664cfc1c410c23c70a9fa233918685b9634073a522dd37df389f4030fa139c3c6dab074c2aa1937cdb0189f35f3920963a51daba0f83789e745a71f41e142f4c74cc20eed561805eaebe26494", 0xd2}, {&(0x7f0000000580)="ec0641e1438c2fb17756b1fc77a203cd4b46589d98bc241f22b43275c7b69a24f5d65151560bbdd1df4f53a6c8078efd716f39db266e9e5d7fc1d452ecdf9636354fa0d633d156be7a1afb09db82a852d847498d32d7379435a17d5d25a4bc13e42985ef9d2d59499a1d5cdddf031609f4b26efd34a9d8ea9dc1fb685668086f15f735b05750bdb7783df2051cbe5f83c4c68916c81ae121836ac750d643cffeb27991a527890943", 0xa8}, {&(0x7f0000000640)="6bc8c9433dfb1b0050f5d489cbbeeb25a9e50fd7af203fc476d32d6b55c82e0e0c6090d83f1d328dad4a12d8bdf084698f77038b01b4d810ec", 0x39}], 0x9, &(0x7f0000000740)=[@txtime={{0x18, 0x1, 0x3d, 0x1f}}, @timestamping={{0x14}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @mark={{0x14, 0x1, 0x24, 0x5}}], 0x60}}, {{&(0x7f00000007c0)=@rxrpc=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e24, 0x12, @private1={0xfc, 0x1, [], 0x1}, 0x7}}, 0x80, &(0x7f0000000e40)=[{&(0x7f0000000840)="963b59b05092e41d14ea7bf9b859af697b36c3e5f47cda104bccc96442dc5abcce8f6fe0d75168e7dd697e0992cc18e5aee2b9a08fc699ac6e64336ecc6df22f521d0bde8b7bfc360e0ba14d43a94206078b0824482a8083aeb8b2572bc88ebbf784d06f38cf34abca2fb891295fe52be96bff81d80c1725478ce7c2b243f94b8f047632e2ea3b091e04e4992f7bf7566cead7e397f0a4c827b56cf6663a", 0x9e}, {&(0x7f0000000900)="d7a76862fd1f6c5b923493ea0c603e94fd892b4bee0bcb258c2c0abaab83cd", 0x1f}, {&(0x7f0000002cc0)="185314b9dc1c51ecd396356f0fbdd54f5b3fcd0ce6f15e5e98c6d6f00571850d53ced5765850d7bf715b0a7c2da1eb6b8231e31928fafe88641d99fdb97ae2dd5c73defc534342d57024634102d663eb724f86857727779099a45952e7f3637c6b04355e1d0412198b732f7b17ffae01518739e38ca29d71d128e3a0c030c66e8fad23f4afaf03d20fd21ec385f255d468dec3857093ead91e098ed693f81dd97149935c3afdff4d203e36cef2845785ec0f36e0f3b113e6c08411a6f7f6e3643156b774f6c35a90a25e145c932647ac59f486dc36b76cbbefe23409283a075919977fd219d370c64a4f6698df8bde5aaed058562303e0ea7dcedeed1e51909878403bb9381172bb57fad78fac46553e3020aa0a24a41e29e4da069905d0b1199bef0c59ab5463d5f83f66df2f7f55689dbdaf4e410edaac17701c58722fb3fe885e9e036a8e86818d6e67825ebf933245a8335804285cf55ebde4b6f191beccb6067c242e123d1cd8a1db08d33a6abeec34d238fe2364434704422d66ae8b60b1b74fd247be29a51b52ef807be801534892f6850a71a1c7d8e6947bbb6bcd", 0x19f}, {&(0x7f00000009c0)="27938fc970c0ebd558489625386a9d07689c7abaaa8c0b642a174e75d13d545232965b04e2f39e99b500d7e6da5bca10320e802028eb3252372d187645a5c125afcae1007f58685d313be96485fb8ab48ebf7720d3314fe41a30e0c5a5f390078ff81d032e6a88cca950a0", 0x6b}, {&(0x7f0000000a40)="c076f3bbd11c68dbf49be4af21bc99a3d1b86528dc718a6944425c1ef60d3a7b3167ac6b4ee953b52083c665ef598537682957", 0x33}, {&(0x7f0000000a80)="ca7e79bdbf7852f75988c708964f24ec795fe9bbab79d02f7033fdb4e44d08701784e72f37e8826a19798f9273f1671731151167abd6776b6646eb00e18855f81be65c08aa6f295196c9616fb53a1437b6c5fb2d7a6b990d37dc6875420f77a5ac5ff7de95ad344ac62653040a8fe6ecabb790d2d2479cfdab08c6b787e497396a4b23f403c153a82521d039704681d7fd9b4c4e0330369bcccfd8a5217ddb49856ac88d0f05bd88561df6290c8c34600a11248042df1ea20415c12361fd23ab8f9f9f42146d4eeba3316e8c3e9d", 0xce}, {&(0x7f0000000b80)="7113cad3b0dca92b505d41faa274837394a38256db33f22cd172056430579402b4c8296d4689f58e1387488cf4f736ac05f919cf5669658b6722a433768ebf68faf970142c632adaf1786cd0bd0590e2", 0x50}, {&(0x7f0000000c00)="f3ca517797d3301d2040e03d040290486ecce50c9565679b5e997e9322ebc1953581f1e783ba5aa5ddfed941ccb11bcc17674479acd5966d56a69873d07c9bec32ebf0a66005b1decd92e736170869730b37999fcdf8096c2d048d6e51c8508e8b4c2a795a35e7c30acb276da98fae64f7d9253e1a75a756b098be1170a2f49e35f693b207d10536c3258ff4d5f89afb00d1be39d99a881ebc9c55a420f5e77dc8d805570da21d2ac0dbb7ce379a04c95a63e31f29f884a0229aa1e6b2ee0bc9", 0xc0}, {&(0x7f0000000cc0)="b705f6618f4f7ac39d6fa6e6dab06f517997edf721cf4630d7ed6b11fa6457aa0ef118c816070415cb67fcea134aaf1c0f581b6fb19d5079bc2af0c7a3c0b5336b5d9b686c28a2d96e6cd67b7e6f1586ea1b688c9545fcb16aa64844ec6664d92087c6cc1406ac83d149426e88fa24da761febe3b22eb8cda4c0456edb446a5f9e0173dd2cbd7a9312d2b9384766031b61d95db9952cd6", 0x97}, {&(0x7f0000000d80)="fe38a15b8ea1b2195d8b7d5e941cbf836330fc6403b790bf4535c84b5fc44253069758d3212abb077ce45c90c5d074d66ccf6f0ace03cb8f704647463bcb3c53ccd630a9341c855f2c9e93ada389015bb0c7b9c464d6b15fd359a40e581521195a8e078bad0b0941f931f4e7a4719f81fe3d0efa01466486dd9c820c2ac448083733f6e06ef7a7968e1703ae03a63ae811ec53d983f9af23b23c2a132ab0a46a063efe81999bbf40c7a8ae4fa110ca2e3ebb9a549d5e5fbbbbdc62", 0xbb}], 0xa}}, {{&(0x7f0000000f00)=@l2tp6={0xa, 0x0, 0x28b3, @dev={0xfe, 0x80, [], 0x37}, 0x0, 0x4}, 0x80, &(0x7f0000001180)=[{&(0x7f0000000f80)="2fd6425c3ddf648966de41901728bd78359fbab58207a7943a8f7adfaeeac20b75f26c792c11b77bb2340a7adad50c1307004b46a66d419a371880f8e916dc283eaa45f8667d55eb3a4b1aeb13c724a190f36fd2aec0189ad7919eea3a032938a0f17258025bfb7464d0404f14da2d72e245bd40e26742d4ea7e6999cb973b12dacaac3f5306eede30e64696647035c6bfb1c7bf86e0b0ec267ee950e28da5b5e141769d72058eb44e358b145fa79c1f9940a33234c79fa7d1421facd4a003a8c630d08fb42cdfda075140ddfd05cbf8e73f6fd0996165b9c4b7c468cb48f187c2b93a", 0xe3}, {&(0x7f0000001080)="eb5463561c4a2cddd33a95f3e9ea0a42ab1c9fa0b3af3d36f6747e202f69d609ddfe4b80fc26165e1fc84a2bc056a7edfb73e2824df32d68a27aa226665d76373b13f2d5f8", 0x45}, {&(0x7f0000001100)="c431774c6debe84198a2961bc0a0c0d78777ba504538ad0b466122fde595fe9699ad728119cdf28a58cc0a262fcc1acb94c962d5614a171920b79b4b6ecaa7b5963b0b5a29babf06775c4ec28ad57bea", 0x50}], 0x3, &(0x7f00000011c0)=[@timestamping={{0x14, 0x1, 0x25, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x20}}, @txtime={{0x18, 0x1, 0x3d, 0x3ff}}, @mark={{0x14, 0x1, 0x24, 0x3131e365}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @mark={{0x14, 0x1, 0x24, 0x8}}], 0x90}}, {{&(0x7f0000001280)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x4e20, @rand_addr=0x64010102}, 0x1, 0x2, 0x4}}, 0x80, &(0x7f00000019c0)=[{&(0x7f0000001300)="e6f546d39e39cff585c3fa8c424cc8f585abcf63ef7d4d90e50d2a0eb8244979463ae346a68bd9a870e332352b209e8f8b39101cab8362cd10b1539341934ba2b7935c4a2181fa1f2969fa2b79d83fa21ae18c1962716f82da08e7ebdcaa2b9258135c9ed6949e6e3f0fc71b28db0ec66637dfe0270a05af96a40f5052bfb9426c04e597b2cff92895517ae921daf5feaf6bde3c7537c42f3c533256c194", 0x9e}, {&(0x7f00000013c0)="3d8b34d6305d0232d1970e6fd0e977f273571ca60edc2896045907f1570c59543aa639e7d2567d8c6be6e53d6643ff153917c1074339af1bb1b564cb5bfe493c2a2488b2d88bd22a88d6e8866097b574b4d7ca7602ed8580bf2bedd25f146acd46146682f40447f99a698717f155af97726be817f58c4ea0818a12b3ce40979af7aa95ffde2fa3549ad56c27d2332693b5e4ec8d53352548588377e9cc39638bc6967d5de68b078b3a", 0xa9}, {&(0x7f0000001480)="8d8f8d58c9075611192906fbd05cfe161a311a8900e402e802b2a370d42a01a39407d271756bd8a3b8b05f6bbfa9ce27848cf1affdd9f0b182ae9f14dac97ca9b639c78e982fa9faaf3535770c4ba1fe65013e11867b38884bd9b8ba6bb4e50db30955a2b9394afb07618411904219b1949b4427fc7e5af9d9435ea6d58b8722064d6bdf600e3c19314e4ef0443d4d2aa9309391cbfde3a04a521c59736e4f50744a4d8565bdd756b4f1d081c5b2ad587b01e164ec9ceeb38aa0e2a7bdf832a93af987e09dd08561022fa2103f0b913cf1059e2dc862faf2fc6fb8a3ad54a4667654091c", 0xe4}, {&(0x7f0000001580)="f7bd54864e33ce548cb04d912b634e9ddffa09ef523f4ce2cac9a51ee19e3aa5470073bcc36e02ca3ac82b76839f9da590e10faecaf65c9f4adf10b6c55963d37f359297b19be2e225ec0e4d0d54bc11637c6120439df5d4eec513182bc0198473144fbf50676e", 0x67}, {&(0x7f0000001600)="58f05beae2502af5cf5e9e7238c47a3e071c209d9fdeaaf7cdb3c1a157909038456168fe580fdf9976a194d8ac6bf5bf5b017b06dda565fe88da03b526dd47db48b96fc5f7c10b1259e39f6b2e5f271fa8e0fe7008731b65798f6f8cc92fe4ad5bf48b10999407b4b624a119d4217d41f2f354bc0843fc90b237e700c4e98ab5944dc187d6b857b87fbc0df72449f780f11ad844896a3e2cab8a6a5812200065bf90344019b43f838f7e0f251c55b42365c146022dc5a0cd808aaf7d2d1e41df337264f604bc994b486d562cf519bb8f77c3e9ee87b49a1d2faf305408106d8a76aaae70ee63b2afd9e63287080ab55813a102f240", 0xf5}, {&(0x7f0000001700)="a2a978c615dfa028299fdec23d766afe1bdbf99cb052999f83b1ba6240f36a54fbca2efb704fdfab58911c04a087e05c9b3e87eba2fb25970bb6d7d3d6fbc88ff9e1613da6d3ef82b10bfe55f68e27139e9cb4cd31cf9380a3d6519e6ef2714048d1f0ea0c2cc4295eba667aa990bef41d33fa2372d7e2ed03fdaec45b959b6939c8b5e43386b618851af0d217021c40ef580d7287e6f0d7", 0x98}, {&(0x7f00000017c0)="d0c3efe9a5066f014a444ff3281383e6d5282ab4904805fdd8a762944ab344f5f217706931531144c1d274d0b604caaee3f0e14f41af2747a7b0d6593a66140f357b66bec9ed58ac62be320bc12da58c4be97ab109d5d25d85f96f86c194933bb0d7e6200636281a01db94ba03ea3e04519020446f88f4e8c4a9e0a846470a3d19678477debbdf49fb67ea1bc51507505808d1d47903c6c18b9abb2ff0611eea80d820bd72f44cd96acec8e833e4", 0xae}, {&(0x7f0000001880)="e53a7729af3c7f56129598039addcb17d969a377d2ef0422d841c5ec71ffc034ef99e7409fe64328af866bcb457f58065853888ca7ded552b40210274f6bfb06d43a2f110bcda0614f2846121a0120cd777c01a51af20d3350cfc239919038a692cf024389a5db2fa96c6f9b0812f3ee48448f2e1fb892c7078c10ef3f3e558e861f242055f52a19e350b5c3aa5886b626ed7101", 0x94}, {&(0x7f0000001940)="0c913b8ced88289be6edd31e3e85fb50d1acb5b2fcdc06ea16b527a75d943f2b6fa5f9d44651c8d3", 0x28}, {&(0x7f0000001980)="69b085464d36568fb81fc53141311630edc5f9377216e3", 0x17}], 0xa, &(0x7f0000001a80)=[@mark={{0x14, 0x1, 0x24, 0x6}}, @timestamping={{0x14, 0x1, 0x25, 0xff}}, @timestamping={{0x14, 0x1, 0x25, 0x6}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}], 0x60}}, {{&(0x7f0000001b00)=@generic={0x11, "9b0f8fd9e38ad0965927d3e1748421fbd5e70b4bde4ad31ad328039535b3bec2a2799f098e4468be53cc8cb47571e0499d2c61012859eee20bcde2b3788f32c45d6184f88d38af23ca2fc9774dda9a1cde263fd1019dc928f36d0a47353faaf71d1856175c9f90a042cfbf3f03e44f660fe22ea79803104a147990e75b6d"}, 0x80, &(0x7f0000001f80)=[{&(0x7f0000001b80)="9d7f0738ac621adc049fea7913eced03b02422895de80ad95d9f9a693bdd9a2b9db9432e61598609b0f38112ac6136f85fd6d77824ad864694209fdec580c3db13406ab8f0639218d3d23944888b46bbebc5ce48bdc1ca0720ab2646bce97314321265719ded41df22ec3c2525f0c8e17ca894cbbe18f874ca721fe4a7391449de53beacc3d786b9143822ca", 0x8c}, {&(0x7f0000001c40)="c067bf049107be7328ae762f870c3ad9389c6c23ba5c0ebcedac75def905cddf93078e0523249d9dc7f39e9136f550ee846ad2fdd3f1a9cc597c6ea77f94e248e25c194baba46fa49a9740360d7e36e8ba240c79c6796572c31dddce4245d5e9303081ff17638f46f19880c9d0c165d0171e407f43af3158a1406ec739db4dad75e5f00794e08b376d9007b011c97fe7f3d8ea5333942a886c2985e5ac833dfe68a319bae8485467b95a7fb5baa43d99dd8a2ed81b02ca89b5f001903ae7d874b22457cf98d8a8f5591f5fe22984c6e0d5410be9ee9e", 0xd6}, {&(0x7f0000001d40)="eb7060eaf01570293a1f8466ea34154d705e7829ae4d8caecf4fc6d250b968ca2180241cc1ae232aff06fa1b410303f55f0e0d681ca30d2c257e29b4174d0caa7e3e2e4f4c3d7b0b4ecc5ae8b39480d2d09734bbb1b1ce2169095ec56f36a9dddb171825bff345c6920dc002fc26c496f585b44d1aa47121c5e7eae204cb43860f1b6131e3664134996fdf939aa16908f9d09b90e4bf74f2be75eabe6a2f1bfa670a61126eedc7d23f772f624f7d140b19cfa18b973dd2a6031ea02a5f0f54afbb6ba1ccf0f0beb9f575b47b270135d0a1682fddc99c9315c542aa5a2b1713a6bd3ecf", 0xe3}, {&(0x7f0000001e40)="6c41758d3e23307b5a70115e975e8f576411312c8f7cfbf384f9f90ad9f51571ca91f9649446d7a88c488385da9cc78a400de27e4de6c0703ec641f271258ae546eb84a7c8eb80d700fdeac05eea9c8489366b6abfea7ed31cd6c8985295f3635ef9f1f3c7e676e2542c55a585eb38bf51ad1eb33ef7d5f573a3be0cbd59ab79934acafdd41ddd", 0x87}, {&(0x7f0000001f00)="4ffbfcc05ed43d241950ba84d982dfd8cf174f8e86f064d9e1c979f1a178f3f2fd3ea36d6cbc9edea0bc293ca2568e167dd8c9a05dc4527c81c4990e5c08f60f99f94156625c7231a43d4b200b1bd6917ac14e356ddf1f2ec04ec9449a03a9eceff1792002d8abe3c66f3c2ee19ac552ad6fab", 0x73}], 0x5}}, {{&(0x7f0000002000)=@sco={0x1f, @fixed={[], 0x11}}, 0x80, &(0x7f0000002380)=[{&(0x7f0000002080)="819a9e8a82f4d1ed55881c9bdfd99872ab3dcc4a0139c06f0732611501a91ba274fd65a27c4d9829716014b5ce69315dd9c5f3e3279d67963a272a9845f6ac156224c2d1195dc2cab5098df1fe7afa46c21136ae8d3b029793742d3c35aac2d65cd438a004dbe2659861c5409db68f7501a9e98ccda31a282ceb43e40137366ca73828629a90d025d74632ccf37318bd", 0x90}, {&(0x7f0000002140)="3d2b146cfb88dc783ee7dc7f6b32941d89570a7e913ead2272312b8defabe8c7edaafaa5ddd022285fadb1937a522be6bb85e089084506e5d226b21e004aa822053e653f4746cfb2cb162f0e68d9df00e516aa30cd0fde8ab90851235c86440d4452a603d6d04aa2bf2248ff903427a68b398183c53c056b71b688987e7e486dde02b157206b6994366a80642fb07de3cf68a2641f7f5ce11c80a2750c9233b75b1730c8bf2ba630b61efe46fbfa6ddbb826d1f792ae4ecde7d71412779cce65385f5881f245107a9f4f96d98a9d272268da1db7fd8b176e26460ea0d748266532049922b90e25aa49c5775357ff42b6cb0a1b89da996ab184d7725cc152ee", 0xff}, {&(0x7f0000002240)="627b51fdd7441d8d52", 0x9}, {&(0x7f0000002280)="f9b86aa7eafeebcea4b340d7397273ce908d0e7c1ff1f47393da7817b617c6affc95e6a1e9f27ad244c5e76c6b0b3ff4e576b0b959fd6771f07a34ce23737cd588", 0x41}, {&(0x7f0000002300)="f8ea19c926a882e365be95593db8e2af8f9bd14503d187f7abbe8f182422ad007ce2a52c5f601f97ebe95c5587a3274fd38fe0cd3315056af8dffbdaf179111b4dd2623c41fa0ef8b8b6d20ed0aca41e31e6fe2229", 0x55}], 0x5, &(0x7f0000002400)=[@timestamping={{0x14, 0x1, 0x25, 0x5}}], 0x18}}, {{0x0, 0x0, &(0x7f0000002680)=[{&(0x7f0000002440)="59f0f8dd25c973f9afc631727d81dfe103b8faf56de6a493123a59e82c3046d67b62ab5a78e70885c8697124a19a8dbf30ec2d6fcf62b115d5adc8e17f9cc2931922da78b2f7d52c1cf325de6971b1c301c303f67b8388bfe515bf3d0acc2d315b8ac8439888981fc678a746a5aa82915ffbe0e8eb9910ce47073191ea5f848a5638d3772fa72b186f98896389bb111e661629c71ea2d7b3771d4810418a7ed4aea3bd6ea8e6e0e2fed4", 0xaa}, {&(0x7f0000002500)="c2f473f642658f5f63d1f02a76c610ed2d21da7f687502b3859b6977e012cda8a55ab3c755be0ed02b663b883b422907d8dbd4e6b2053cb788f92aa4fdf6b8775b941932ef0d113e07218fb20fb5c34e", 0x50}, {&(0x7f0000002580)="ddade25022315648bcf2816a24ce2a2ff5fbb01a26245aa82055516bf301461be76f2ab17d056423dc7f195b998351b1400f9915dbdd16b903ac39d9c605b90c1b1208ae11456e43498d09e012485ced394ad8f976f8f3cf9af8ac4cb060036011cfaada0b8efb248d4b4d1f958bbf7341d62a18d971123646e8e081645da80da9cd2127f78b7158f4ad3a352b0c1892af018299ef82fe2b5a2664937e1296ab89179a003a7a6329a19aca5273bddb7bacf2c14ac0069b22dbb63f6de44fadc217a9823dc9d1d6a081b785432fdf22946d59e08db9ca4b4a660dc6b3b69a202df78d3c2a79dc6a5b20feecfb8205404dc560e7d45f2b", 0xf6}], 0x3}}, {{0x0, 0x0, &(0x7f0000002780)=[{&(0x7f00000026c0)="61745e3fdb71f077fc9d7acd6bf16553ea2144f9ae34dafce1c16e6ddfa082e60773578f551b47060f81af2fc47da13e82e2144efc7494aa5c013f14559035a86ce68df23b1e91ce91af2489af50580bad04dc3664e317a8d3be5381600bd33471f2b6de3128fec3eaf2a295cc6a2ace8f4207180cc417c1b0220d5fe7337950db623ad5ed31a3ffe1f6dba0b80c811cf11dd8f9d73cf189a9a14706bd8eb9d2ee9f32b58a793490c4af1b1f8005cd05", 0xb0}], 0x1, &(0x7f00000027c0)=[@mark={{0x14, 0x1, 0x24, 0x1}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @timestamping={{0x14, 0x1, 0x25, 0x7}}, @mark={{0x14, 0x1, 0x24, 0xfff}}], 0x60}}, {{&(0x7f0000002840)=@pppol2tpin6={0x18, 0x1, {0x0, r5, 0x2, 0x0, 0x3, 0x3, {0xa, 0x4e23, 0x100, @private0={0xfc, 0x0, [], 0x1}, 0x8}}}, 0x80, &(0x7f0000002980)=[{&(0x7f00000028c0)="848fd3a9e72c7d2851a42cf9f8e23bc572ed17b2cef9359c6c4becc629362176000113c5994f8b6282f808f9740a173e5027f6dca4e5de8c7816a42a0090c1c2bc8c79b7af0b317badd6c4f97990b6199bd177cc87d7a8653806cc2d8b23373000b70fe3be1af71a9f88bd2d54953020807445b9899a01de2145ffa706476716b26aa3b705e6319b1f611dff1b00a0e9be08474f1d618ae6b24cf417332ec2f9a07e07af6f9edf36bf28cb2e4b8aded05769819bf2", 0xb5}], 0x1, &(0x7f00000029c0)=[@mark={{0x14, 0x1, 0x24, 0x6}}, @timestamping={{0x14, 0x1, 0x25, 0x1000}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0xfff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}, @txtime={{0x18, 0x1, 0x3d, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @mark={{0x14, 0x1, 0x24, 0x8}}], 0xc0}}], 0x9, 0x2400c045) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2615.350157] audit: type=1800 audit(1590777722.193:1117): pid=30014 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16114 res=0 18:42:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r2 = inotify_init() r3 = inotify_init() r4 = dup3(r2, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 2615.403561] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:42:02 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) [ 2615.454892] audit: type=1804 audit(1590777722.223:1118): pid=30014 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/724/file0" dev="sda1" ino=16114 res=1 [ 2615.524053] Bluetooth: hci6: Frame reassembly failed (-84) 18:42:02 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) [ 2615.629003] audit: type=1804 audit(1590777722.443:1119): pid=30034 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/724/file0" dev="loop0" ino=1 res=1 [ 2615.674360] Bluetooth: Short BCSP packet [ 2615.687796] minix_free_inode: bit 1 already cleared [ 2615.942526] Bluetooth: Error in BCSP hdr checksum [ 2616.202441] Bluetooth: Error in BCSP hdr checksum [ 2616.462462] Bluetooth: Error in BCSP hdr checksum [ 2616.722409] Bluetooth: Error in BCSP hdr checksum [ 2616.812238] Bluetooth: hci3 command 0x1003 tx timeout [ 2616.818553] Bluetooth: hci3 sending frame failed (-49) [ 2616.982409] Bluetooth: Error in BCSP hdr checksum [ 2617.242447] Bluetooth: Error in BCSP hdr checksum [ 2617.452182] Bluetooth: hci5 command 0x1003 tx timeout [ 2617.452186] Bluetooth: hci4 command 0x1003 tx timeout [ 2617.452282] Bluetooth: hci4 sending frame failed (-49) [ 2617.457799] Bluetooth: Error in BCSP hdr checksum [ 2617.532363] Bluetooth: hci6 command 0x1003 tx timeout [ 2617.537807] Bluetooth: hci6 sending frame failed (-49) [ 2617.712438] Bluetooth: Error in BCSP hdr checksum [ 2617.972337] Bluetooth: Error in BCSP hdr checksum [ 2617.977335] Bluetooth: Error in BCSP hdr checksum [ 2618.232410] Bluetooth: Error in BCSP hdr checksum [ 2618.492472] Bluetooth: Error in BCSP hdr checksum [ 2618.752314] Bluetooth: Error in BCSP hdr checksum [ 2618.757291] Bluetooth: Error in BCSP hdr checksum [ 2618.892172] Bluetooth: hci3 command 0x1001 tx timeout [ 2618.897784] Bluetooth: hci3 sending frame failed (-49) [ 2619.012347] Bluetooth: Error in BCSP hdr checksum [ 2619.272305] Bluetooth: Error in BCSP hdr checksum [ 2619.277276] Bluetooth: Error in BCSP hdr checksum [ 2619.532089] Bluetooth: hci4 command 0x1001 tx timeout [ 2619.532107] Bluetooth: hci5 command 0x1001 tx timeout [ 2619.537418] Bluetooth: hci4 sending frame failed (-49) [ 2619.548575] Bluetooth: Error in BCSP hdr checksum [ 2619.553630] Bluetooth: Error in BCSP hdr checksum [ 2619.612437] Bluetooth: hci6 command 0x1001 tx timeout [ 2619.617951] Bluetooth: hci6 sending frame failed (-49) [ 2619.802301] Bluetooth: Error in BCSP hdr checksum [ 2619.807271] Bluetooth: Error in BCSP hdr checksum [ 2620.062289] Bluetooth: Error in BCSP hdr checksum [ 2620.067471] Bluetooth: Error in BCSP hdr checksum [ 2620.322284] Bluetooth: Error in BCSP hdr checksum [ 2620.327303] Bluetooth: Error in BCSP hdr checksum [ 2620.332661] Bluetooth: Error in BCSP hdr checksum [ 2620.582162] Bluetooth: Error in BCSP hdr checksum [ 2620.587130] Bluetooth: Error in BCSP hdr checksum [ 2620.842349] Bluetooth: Error in BCSP hdr checksum [ 2620.847326] Bluetooth: Error in BCSP hdr checksum [ 2620.971916] Bluetooth: hci3 command 0x1009 tx timeout [ 2621.102257] Bluetooth: Error in BCSP hdr checksum [ 2621.107179] Bluetooth: Error in BCSP hdr checksum [ 2621.362423] Bluetooth: Error in BCSP hdr checksum [ 2621.367427] Bluetooth: Error in BCSP hdr checksum [ 2621.611923] Bluetooth: hci5 command 0x1009 tx timeout [ 2621.617177] Bluetooth: hci4 command 0x1009 tx timeout [ 2621.632141] Bluetooth: Error in BCSP hdr checksum [ 2621.637179] Bluetooth: Error in BCSP hdr checksum [ 2621.692181] Bluetooth: hci6 command 0x1009 tx timeout [ 2621.892272] Bluetooth: Error in BCSP hdr checksum [ 2621.897199] Bluetooth: Error in BCSP hdr checksum [ 2622.152252] Bluetooth: Error in BCSP hdr checksum [ 2622.157319] Bluetooth: Error in BCSP hdr checksum [ 2622.412205] Bluetooth: Error in BCSP hdr checksum [ 2622.417144] Bluetooth: Error in BCSP hdr checksum [ 2622.681989] Bluetooth: Error in BCSP hdr checksum [ 2622.687064] Bluetooth: Error in BCSP hdr checksum [ 2622.942024] Bluetooth: Error in BCSP hdr checksum [ 2622.946982] Bluetooth: Error in BCSP hdr checksum [ 2623.202334] Bluetooth: Error in BCSP hdr checksum [ 2623.207385] Bluetooth: Error in BCSP hdr checksum [ 2623.462134] Bluetooth: Error in BCSP hdr checksum [ 2623.467054] Bluetooth: Error in BCSP hdr checksum [ 2623.722807] Bluetooth: Error in BCSP hdr checksum [ 2623.727729] Bluetooth: Error in BCSP hdr checksum [ 2623.982863] Bluetooth: Error in BCSP hdr checksum [ 2623.987791] Bluetooth: Error in BCSP hdr checksum [ 2624.242443] Bluetooth: Error in BCSP hdr checksum [ 2624.247549] Bluetooth: Error in BCSP hdr checksum [ 2624.502452] Bluetooth: Error in BCSP hdr checksum [ 2624.507472] Bluetooth: Error in BCSP hdr checksum [ 2624.772016] Bluetooth: Error in BCSP hdr checksum [ 2624.776950] Bluetooth: Error in BCSP hdr checksum 18:42:11 executing program 4: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) accept$nfc_llcp(r0, &(0x7f0000000080), &(0x7f0000000000)=0x60) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x4008b100, &(0x7f00000001c0)={0x18, 0x0, {0x3, @broadcast, 'veth1_vlan\x00'}}) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x600, 0x0) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r5) r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000040)=ANY=[@ANYBLOB="01000800", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000180)={r7}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000140)={r7}, 0x8) ioctl$KDADDIO(r2, 0x400455c8, 0x0) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) 18:42:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:42:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc2604110, &(0x7f0000000200)={0x5, [[0x1a9, 0xfff, 0x3ff, 0x401, 0x11, 0x6, 0x4, 0x8], [0x80000001, 0x5, 0x4, 0x40, 0x9, 0x7, 0x9], [0x80000001, 0x4, 0x7f, 0x401, 0x2, 0x3f, 0x5, 0x4]], [], [{0x6, 0x603, 0x0, 0x0, 0x1}, {0x3ef7, 0x7, 0x1, 0x0, 0x1}, {0xfffffff9, 0x5, 0x0, 0x1}, {0xe000000, 0x1000, 0x0, 0x1}, {0x9, 0x5, 0x0, 0x1, 0x0, 0x1}, {0x7, 0x0, 0x1, 0x0, 0x1}, {0x1, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x101, 0x3, 0x0, 0x0, 0x1}, {0x5c63, 0x5, 0x0, 0x1, 0x1, 0x1}, {0x2, 0x6}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x18, 0x1, 0x0, 0x1, 0x1}], [], 0x3}) 18:42:11 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:11 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2624.973548] audit: type=1800 audit(1590777731.824:1120): pid=30064 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16256 res=0 [ 2625.003475] Bluetooth: hci3: Frame reassembly failed (-84) [ 2625.023946] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2625.043749] Bluetooth: Error in BCSP hdr checksum [ 2625.048938] Bluetooth: Error in BCSP hdr checksum [ 2625.057822] audit: type=1804 audit(1590777731.844:1121): pid=30064 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/725/file0" dev="sda1" ino=16256 res=1 [ 2625.059912] Bluetooth: hci3: Frame reassembly failed (-84) [ 2625.155045] audit: type=1804 audit(1590777731.974:1122): pid=30078 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/725/file0" dev="sda1" ino=16256 res=1 [ 2625.259307] audit: type=1804 audit(1590777732.104:1123): pid=30064 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/725/file0" dev="loop0" ino=1 res=1 [ 2625.302812] Bluetooth: Error in BCSP hdr checksum [ 2625.307748] Bluetooth: Error in BCSP hdr checksum [ 2625.332518] minix_free_inode: bit 1 already cleared 18:42:12 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) r1 = eventfd(0x2) fsetxattr$trusted_overlay_nlink(r1, &(0x7f0000000000)='trusted.overlay.nlink\x00', &(0x7f0000000080)={'U+', 0x7}, 0x16, 0x3) 18:42:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:42:12 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2625.573541] Bluetooth: Error in BCSP hdr checksum [ 2625.578932] Bluetooth: Error in BCSP hdr checksum [ 2625.613599] Bluetooth: Unknown HCI packet type 5e 18:42:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) getsockopt$IP_SET_OP_GET_BYNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000100)={0x6, 0x7, 'syz0\x00'}, &(0x7f0000000180)=0x28) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, 0xffffffffffffffff, &(0x7f0000000480)=0x1, 0x9) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$KDFONTOP_COPY(r3, 0x4b72, &(0x7f0000000000)={0x3, 0x1, 0x5, 0xf, 0x1b1, &(0x7f0000000980)}) [ 2625.619769] Bluetooth: Unknown HCI packet type 43 [ 2625.624986] Bluetooth: Unknown HCI packet type 00 [ 2625.635101] Bluetooth: Unknown HCI packet type 5e 18:42:12 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2625.693574] Bluetooth: Unknown HCI packet type 50 18:42:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r3) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000040)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={r5}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={r5, 0x80000001}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r6, 0x6, 0x5}, 0xc) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r8, 0x0, r7, 0x0, 0x20000038, 0x0) setns(r7, 0x8000000) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2625.714954] Bluetooth: Unknown HCI packet type 5e [ 2625.720629] audit: type=1800 audit(1590777732.564:1124): pid=30114 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15764 res=0 [ 2625.751705] Bluetooth: Unknown HCI packet type 40 [ 2625.760507] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2625.812998] audit: type=1804 audit(1590777732.594:1125): pid=30114 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/726/file0" dev="sda1" ino=15764 res=1 [ 2627.051489] Bluetooth: hci3 command 0x1003 tx timeout [ 2627.056819] Bluetooth: hci3 sending frame failed (-49) [ 2627.691474] Bluetooth: hci4 command 0x1003 tx timeout [ 2627.696802] Bluetooth: hci4 sending frame failed (-49) [ 2627.851376] Bluetooth: hci5 command 0x1003 tx timeout [ 2627.856750] Bluetooth: hci5 sending frame failed (-49) [ 2629.131334] Bluetooth: hci3 command 0x1001 tx timeout [ 2629.136678] Bluetooth: hci3 sending frame failed (-49) [ 2629.771383] Bluetooth: hci4 command 0x1001 tx timeout [ 2629.776708] Bluetooth: hci4 sending frame failed (-49) [ 2629.931288] Bluetooth: hci5 command 0x1001 tx timeout [ 2629.936752] Bluetooth: hci5 sending frame failed (-49) [ 2631.211192] Bluetooth: hci3 command 0x1009 tx timeout [ 2631.851241] Bluetooth: hci4 command 0x1009 tx timeout [ 2632.011095] Bluetooth: hci5 command 0x1009 tx timeout 18:42:22 executing program 2: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 18:42:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r2) r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000040)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f00000001c0)=0x3) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000240)={r4, 0x8, 0x0, 0x2, 0x8, 0x400}, &(0x7f0000000140)=0x14) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000000)={r4}, 0x8) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r6, 0x0, r5, 0x0, 0x20000038, 0x0) r7 = openat$cgroup_ro(r5, &(0x7f00000000c0)='pids.current\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0x7, &(0x7f0000000100)={0x1, 0x6, 0x8001, 0xb3b1}, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:42:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:42:22 executing program 2: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) [ 2635.236751] Bluetooth: Unknown HCI packet type 5e [ 2635.297609] Bluetooth: hci6: Frame reassembly failed (-84) 18:42:22 executing program 2: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 18:42:22 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$VT_RELDISP(r0, 0x5605) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0xf) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)) ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f0000000100)={0xff, 0xf0, 0x3}) ptrace$cont(0x7, r1, 0x0, 0x0) get_thread_area(&(0x7f00000000c0)={0x43f, 0x20001000, 0xffffffffffffffff, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) semget(0x0, 0x4, 0x218) ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000080)=0x400) ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000000)=r1) 18:42:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2635.820596] Bluetooth: Unknown HCI packet type 5e [ 2635.825802] Bluetooth: Unknown HCI packet type 43 [ 2635.832040] Bluetooth: Unknown HCI packet type 00 [ 2635.838647] Bluetooth: Unknown HCI packet type 5e [ 2635.860007] Bluetooth: Unknown HCI packet type 50 [ 2635.877823] Bluetooth: Unknown HCI packet type 5e [ 2635.883400] Bluetooth: Unknown HCI packet type 40 18:42:23 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:42:23 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) recvfrom$x25(0xffffffffffffffff, &(0x7f0000000380)=""/95, 0x5f, 0x1, &(0x7f0000000100)={0x9, @remote={[], 0x1}}, 0x12) r2 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x20000038, 0x0) fgetxattr(r0, &(0x7f0000000000)=@known='trusted.overlay.redirect\x00', &(0x7f00000002c0)=""/157, 0x9d) ioctl$TUNDETACHFILTER(r4, 0x401054d6, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) ioctl$VIDIOC_DQEVENT(r2, 0x80885659, &(0x7f0000000200)={0x0, @data}) sendfile(r3, r3, &(0x7f0000000480), 0xa198) 18:42:23 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:23 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) r1 = inotify_init() r2 = inotify_init() r3 = dup3(r1, r2, 0x0) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) [ 2636.471252] minix_free_inode: bit 1 already cleared [ 2636.566739] audit: type=1800 audit(1590777743.415:1126): pid=30212 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16034 res=0 [ 2636.607948] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2636.635821] audit: type=1804 audit(1590777743.445:1127): pid=30212 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/727/file0" dev="sda1" ino=16034 res=1 [ 2636.728055] audit: type=1804 audit(1590777743.575:1128): pid=30221 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/727/file0" dev="loop0" ino=1 res=1 [ 2636.812428] minix_free_inode: bit 1 already cleared [ 2637.290639] Bluetooth: hci3 command 0x1003 tx timeout [ 2637.296031] Bluetooth: hci3 sending frame failed (-49) [ 2637.370707] Bluetooth: hci6 command 0x1003 tx timeout [ 2637.376088] Bluetooth: hci6 sending frame failed (-49) [ 2637.860632] Bluetooth: hci4 command 0x1003 tx timeout [ 2637.865986] Bluetooth: hci4 sending frame failed (-49) [ 2639.370565] Bluetooth: hci3 command 0x1001 tx timeout [ 2639.376043] Bluetooth: hci3 sending frame failed (-49) [ 2639.450517] Bluetooth: hci6 command 0x1001 tx timeout [ 2639.456016] Bluetooth: hci6 sending frame failed (-49) [ 2639.930583] Bluetooth: hci4 command 0x1001 tx timeout [ 2639.935957] Bluetooth: hci4 sending frame failed (-49) [ 2641.450438] Bluetooth: hci3 command 0x1009 tx timeout [ 2641.530452] Bluetooth: hci6 command 0x1009 tx timeout [ 2642.010344] Bluetooth: hci4 command 0x1009 tx timeout 18:42:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:42:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x10000019) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$KDADDIO(r1, 0x400455c8, 0x9) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:32 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:32 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) r1 = inotify_init() r2 = inotify_init() r3 = dup3(r1, r2, 0x0) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) 18:42:32 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, @fixed={[], 0x10}}, 0xa) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) [ 2645.547321] Bluetooth: Unknown HCI packet type 5e [ 2645.552475] Bluetooth: Unknown HCI packet type 43 [ 2645.563709] audit: type=1800 audit(1590777752.406:1129): pid=30251 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15768 res=0 [ 2645.573148] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2645.626415] audit: type=1804 audit(1590777752.406:1130): pid=30251 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/728/file0" dev="sda1" ino=15768 res=1 [ 2645.794930] audit: type=1804 audit(1590777752.636:1131): pid=30251 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/728/file0" dev="loop0" ino=1 res=1 [ 2645.931052] minix_free_inode: bit 1 already cleared 18:42:32 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) r1 = inotify_init() r2 = inotify_init() r3 = dup3(r1, r2, 0x0) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) 18:42:32 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:32 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x8c0c0, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x434043, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000180)='./file0\x00', 0x200000000, 0x2, &(0x7f0000000100)=[{&(0x7f0000000140)="604084e002000a00f70040ce01c748c91773", 0x12, 0x400}, {&(0x7f0000000980)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x80000001}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r2 = socket$l2tp(0x2, 0x2, 0x73) getsockopt$ARPT_SO_GET_INFO(r2, 0x0, 0x60, &(0x7f0000000200)={'filter\x00'}, &(0x7f0000000000)=0x44) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:42:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0xb89a, 0x3, 0x4, 0x0, 0x6a049810, {0x0, 0x2710}, {0x5, 0x0, 0x8, 0x83, 0x9, 0xd8, "888ab25e"}, 0x80, 0x4, @fd, 0x5, 0x0, 0xffffffffffffffff}) ioctl$TIOCMIWAIT(r2, 0x545c, 0x0) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)=0x80000002) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) r5 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_SET(r5, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="88000000", @ANYRES16=r6, @ANYBLOB="02002cbd7000fcdbdf250900000058000480540007800800030006000000080001000300000008000400ff000000080001000a00000008000200ff0000000800010017000000080003004e00000008000200070000000800040005000000080001001d0000001c000980080002009503000008000100050000000800010001000100be125ae5086a39664fc554d4c680608f6afe6961bd9dbfdb3ad9e0fd646aa22629a0baec3576c7467133caf2062508deb40eeb96de697fbdd581734e68d45a7f7e0fbd4091b4b9dbe2648584cc1e5708ee"], 0x88}, 0x1, 0x0, 0x0, 0x24000000}, 0x20040040) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r3, &(0x7f0000000440)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000400)={&(0x7f0000000140)={0x2a0, r6, 0x200, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}]}, @TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}]}]}, @TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x82}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x101}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x72}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}]}, @TIPC_NLA_SOCK={0xb0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x200}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffb}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8001}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x84}, @TIPC_NLA_SOCK_CON={0x4}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x401}]}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffff8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xc3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2b2d}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x100}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MEDIA={0x58, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1cd}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x54d3}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x400}]}, @TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}]}, @TIPC_NLA_BEARER={0xcc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffcd0a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'virt_wifi0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x3, @mcast2, 0x80000000}}, {0x14, 0x2, @in={0x2, 0x4e22, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'ipvlan0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x2a0}, 0x1, 0x0, 0x0, 0x24000000}, 0x20000040) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:42:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:42:32 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2646.077593] audit: type=1800 audit(1590777752.916:1132): pid=30275 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15951 res=0 [ 2646.114223] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop0. 18:42:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2646.160779] audit: type=1804 audit(1590777752.996:1133): pid=30275 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/729/file0" dev="sda1" ino=15951 res=1 [ 2646.335332] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop0. [ 2647.609872] Bluetooth: hci5 command 0x1003 tx timeout [ 2647.615205] Bluetooth: hci5 sending frame failed (-49) [ 2647.621838] Bluetooth: hci3 command 0x1003 tx timeout [ 2647.627193] Bluetooth: hci3 sending frame failed (-49) [ 2648.169842] Bluetooth: hci4 command 0x1003 tx timeout [ 2648.175228] Bluetooth: hci4 sending frame failed (-49) [ 2649.689741] Bluetooth: hci3 command 0x1001 tx timeout [ 2649.689759] Bluetooth: hci5 command 0x1001 tx timeout [ 2649.695264] Bluetooth: hci3 sending frame failed (-49) [ 2649.706129] Bluetooth: hci5 sending frame failed (-49) [ 2650.249697] Bluetooth: hci4 command 0x1001 tx timeout [ 2650.255305] Bluetooth: hci4 sending frame failed (-49) [ 2651.769577] Bluetooth: hci5 command 0x1009 tx timeout [ 2651.774913] Bluetooth: hci3 command 0x1009 tx timeout [ 2652.329503] Bluetooth: hci4 command 0x1009 tx timeout 18:42:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:42:42 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x1a) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:42 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:42:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) write$tun(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="03060ffa236050d6466a946a543b25e280e3b014082b974fbe6d5ca0ef59f46b48d910599e074a85060a53e5ed5bff5b248e833152c6bca287ed4ded647f156394bc96cd93d601272d241a43e2e1cba29d95762fa37436b31dd745b84d4e7ec9c2f3a6ddcdce75650c2f9249f02fa6c409cf662782f81a2df9ab93f61866aae64ace32d721fa4288b54f7a778af3f61be7f8d1437d7d429eebc12817eabeebc3db79a41af0b8052f676131c50de09bd325745d2bf054e48b8b11eae8629695973d7f8ac9f9c0dee3d088a67e3e52c39534e102567a01479699f0c1dd680660a137e55ade1ccc"], 0xe3) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x2810004, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) close(0xffffffffffffffff) r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000040)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000180)={r4}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000000)={r4, 0xf6, 0x2}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000003c0)={r5, @in6={{0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, [], 0x18}, 0x8}}, 0x9, 0xbd, 0x40, 0xf0, 0x21}, &(0x7f0000000180)=0x98) sendfile(r2, r2, &(0x7f0000000480), 0xa198) r6 = socket(0x200000000000011, 0x800, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r6, &(0x7f0000000200)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r6, &(0x7f0000000d00), 0x400004e, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r6, 0x84, 0x65, &(0x7f0000000240)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}, @in6={0xa, 0x4e20, 0x6, @remote, 0x5}, @in6={0xa, 0x4e21, 0x3ff, @local, 0xffffffff}, @in6={0xa, 0x4e22, 0x101, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x81}, @in={0x2, 0x4e21, @private=0xa010101}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x21}}], 0x84) 18:42:42 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2655.693652] Bluetooth: Unknown HCI packet type 5e [ 2655.698731] Bluetooth: Unknown HCI packet type 43 [ 2655.714608] audit: type=1800 audit(1590777762.556:1134): pid=30321 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15952 res=0 [ 2655.763621] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:42:42 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:42 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x88381, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) ioctl$sock_rose_SIOCRSCLRRT(r1, 0x89e4) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00') sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x58, r3, 0x20, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "6332de3d9e58c5bc60a8946b25"}, @NL80211_ATTR_MAC={0xa, 0x6, @link_local}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x2}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "40276b2abc"}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_SEQ={0x7, 0xa, "4cc805"}]}, 0x58}, 0x1, 0x0, 0x0, 0x80808}, 0x8002) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$EBT_SO_GET_INIT_ENTRIES(r1, 0x0, 0x83, &(0x7f00000000c0)={'nat\x00', 0x0, 0x3, 0x30, [], 0x3, &(0x7f0000000000)=[{}, {}, {}], &(0x7f0000000080)=""/48}, &(0x7f0000000140)=0x78) [ 2655.851796] audit: type=1804 audit(1590777762.576:1135): pid=30321 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/730/file0" dev="sda1" ino=15952 res=1 [ 2655.952304] audit: type=1804 audit(1590777762.796:1136): pid=30343 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/730/file0" dev="loop0" ino=1 res=1 [ 2655.981470] Bluetooth: hci5: Frame reassembly failed (-84) [ 2656.043843] minix_free_inode: bit 1 already cleared 18:42:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:42:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:43 executing program 0: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@ipv6_getanyicast={0x14, 0x3e, 0x8, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40044885}, 0x80004) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000100)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) open(&(0x7f0000000000)='./file0\x00', 0xc00c2, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x10081, 0x9) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000240)={0x9, 0xb6, 0x7, 0x401, 0x8}, 0x14) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r5 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r5, &(0x7f0000000ec0)=ANY=[], 0x471) truncate(&(0x7f0000000280)='./file0\x00', 0x4) sendfile(r5, r5, &(0x7f0000000480), 0xa198) 18:42:43 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) r6 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'macvlan1\x00', 0x0}) r8 = socket(0x200000000000011, 0x3, 0x0) r9 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r9, &(0x7f0000000200)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @local}, 0x14) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) bind$packet(r8, &(0x7f0000000200)={0x11, 0x0, r11, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r8, &(0x7f0000000d00), 0x400004e, 0x0) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r7, 0x1, 0x10, 0x6, @dev={[], 0x29}}, 0x14) sendmmsg(r6, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000080)={0x100, 0xa, 0x4, 0x40000000, 0x6, {r4, r5/1000+10000}, {0x1, 0x1, 0x5, 0x0, 0x8, 0x1, "1625b02c"}, 0xdf, 0x1, @offset=0x9, 0xffff, 0x0, r6}) ioctl$KDADDIO(r12, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2656.425600] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2656.730189] minix_free_inode: bit 1 already cleared [ 2657.769090] Bluetooth: hci3 command 0x1003 tx timeout [ 2657.774450] Bluetooth: hci3 sending frame failed (-49) [ 2658.009098] Bluetooth: hci5 command 0x1003 tx timeout [ 2658.014463] Bluetooth: hci5 sending frame failed (-49) [ 2659.849017] Bluetooth: hci3 command 0x1001 tx timeout [ 2659.854329] Bluetooth: hci3 sending frame failed (-49) [ 2660.088946] Bluetooth: hci5 command 0x1001 tx timeout [ 2660.094275] Bluetooth: hci5 sending frame failed (-49) [ 2661.928805] Bluetooth: hci3 command 0x1009 tx timeout [ 2662.168824] Bluetooth: hci5 command 0x1009 tx timeout 18:42:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:42:52 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:52 executing program 5: mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) r2 = inotify_init() r3 = inotify_init() r4 = dup3(r2, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 18:42:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1) prctl$PR_GET_FP_MODE(0x2e) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000000)=0x3) 18:42:52 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x0, &(0x7f00000001c0), 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) ioctl$IOC_PR_RELEASE(0xffffffffffffffff, 0x401070ca, &(0x7f0000000000)={0x6, 0x5}) socket$l2tp6(0xa, 0x2, 0x73) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2665.908051] audit: type=1800 audit(1590777772.747:1137): pid=30402 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15906 res=0 [ 2665.928213] Bluetooth: Unknown HCI packet type 5e 18:42:52 executing program 5: mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) r2 = inotify_init() r3 = inotify_init() r4 = dup3(r2, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 2665.956061] Bluetooth: Unknown HCI packet type 43 [ 2665.967789] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop0. [ 2665.973030] Bluetooth: Unknown HCI packet type 5e 18:42:52 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2666.030191] audit: type=1804 audit(1590777772.777:1138): pid=30402 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/732/file0" dev="sda1" ino=15906 res=1 [ 2666.034131] Bluetooth: Unknown HCI packet type 50 [ 2666.104929] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop0. [ 2666.124451] Bluetooth: Unknown HCI packet type 5e [ 2666.145013] audit: type=1804 audit(1590777772.927:1139): pid=30420 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/732/file0" dev="sda1" ino=15906 res=1 [ 2666.160230] Bluetooth: Unknown HCI packet type 40 [ 2666.191625] audit: type=1804 audit(1590777773.037:1140): pid=30402 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/732/file0" dev="sda1" ino=15906 res=1 [ 2666.219168] Bluetooth: Short BCSP packet [ 2666.250288] Bluetooth: Error in BCSP hdr checksum [ 2666.478601] Bluetooth: Error in BCSP hdr checksum [ 2666.508662] Bluetooth: Error in BCSP hdr checksum 18:42:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDMKTONE(r0, 0x4b30, 0x2) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:42:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:42:53 executing program 5: mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) r2 = inotify_init() r3 = inotify_init() r4 = dup3(r2, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 18:42:53 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 18:42:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) getsockopt$IP_SET_OP_VERSION(r1, 0x1, 0x53, &(0x7f0000000000), &(0x7f0000000100)=0x8) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:42:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2666.582545] Bluetooth: hci5: Frame reassembly failed (-84) 18:42:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2666.623078] audit: type=1800 audit(1590777773.467:1141): pid=30445 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15758 res=0 18:42:53 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) [ 2666.653526] audit: type=1804 audit(1590777773.497:1142): pid=30445 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/733/file0" dev="sda1" ino=15758 res=1 [ 2666.682461] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2666.738835] Bluetooth: Error in BCSP hdr checksum [ 2666.768941] Bluetooth: Error in BCSP hdr checksum [ 2666.785785] audit: type=1804 audit(1590777773.627:1143): pid=30445 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/733/file0" dev="loop0" ino=1 res=1 [ 2666.869470] minix_free_inode: bit 1 already cleared [ 2666.998575] Bluetooth: Error in BCSP hdr checksum [ 2667.028515] Bluetooth: Error in BCSP hdr checksum [ 2667.258510] Bluetooth: Error in BCSP hdr checksum [ 2667.288644] Bluetooth: Error in BCSP hdr checksum [ 2667.518476] Bluetooth: Error in BCSP hdr checksum [ 2667.548558] Bluetooth: Error in BCSP hdr checksum [ 2667.778439] Bluetooth: Error in BCSP hdr checksum [ 2667.818492] Bluetooth: Error in BCSP hdr checksum [ 2667.928313] Bluetooth: hci3 command 0x1003 tx timeout [ 2667.933665] Bluetooth: hci3 sending frame failed (-49) [ 2668.008325] Bluetooth: hci6 command 0x1003 tx timeout [ 2668.008448] Bluetooth: hci4 command 0x1003 tx timeout [ 2668.009541] Bluetooth: Error in BCSP hdr checksum [ 2668.013758] Bluetooth: Error in BCSP hdr checksum [ 2668.278674] Bluetooth: Error in BCSP hdr checksum [ 2668.279087] Bluetooth: Error in BCSP hdr checksum [ 2668.538425] Bluetooth: Error in BCSP hdr checksum [ 2668.538548] Bluetooth: Error in BCSP hdr checksum [ 2668.648266] Bluetooth: hci5 command 0x1003 tx timeout [ 2668.648358] Bluetooth: hci5 sending frame failed (-49) [ 2668.798494] Bluetooth: Error in BCSP hdr checksum [ 2668.798586] Bluetooth: Error in BCSP hdr checksum [ 2669.058492] Bluetooth: Error in BCSP hdr checksum [ 2669.058512] Bluetooth: Error in BCSP hdr checksum [ 2669.318652] Bluetooth: Error in BCSP hdr checksum [ 2669.318801] Bluetooth: Error in BCSP hdr checksum [ 2669.578558] Bluetooth: Error in BCSP hdr checksum [ 2669.579009] Bluetooth: Error in BCSP hdr checksum [ 2669.838611] Bluetooth: Error in BCSP hdr checksum [ 2669.838613] Bluetooth: Error in BCSP hdr checksum [ 2670.008195] Bluetooth: hci3 command 0x1001 tx timeout [ 2670.013626] Bluetooth: hci3 sending frame failed (-49) [ 2670.088222] Bluetooth: hci4 command 0x1001 tx timeout [ 2670.093735] Bluetooth: hci6 command 0x1001 tx timeout [ 2670.094003] Bluetooth: Error in BCSP hdr checksum [ 2670.104178] Bluetooth: Error in BCSP hdr checksum [ 2670.109783] Bluetooth: Error in BCSP hdr checksum [ 2670.358487] Bluetooth: Error in BCSP hdr checksum [ 2670.358579] Bluetooth: Error in BCSP hdr checksum [ 2670.363418] Bluetooth: Error in BCSP hdr checksum [ 2670.369751] Bluetooth: Error in BCSP hdr checksum [ 2670.618569] Bluetooth: Error in BCSP hdr checksum [ 2670.619096] Bluetooth: Error in BCSP hdr checksum [ 2670.623494] Bluetooth: Error in BCSP hdr checksum [ 2670.632422] Bluetooth: Error in BCSP hdr checksum [ 2670.728162] Bluetooth: hci5 command 0x1001 tx timeout [ 2670.733480] Bluetooth: hci5 sending frame failed (-49) [ 2670.878528] Bluetooth: Error in BCSP hdr checksum [ 2670.879050] Bluetooth: Error in BCSP hdr checksum [ 2670.883450] Bluetooth: Error in BCSP hdr checksum [ 2670.889384] Bluetooth: Error in BCSP hdr checksum [ 2671.138284] Bluetooth: Error in BCSP hdr checksum [ 2671.143197] Bluetooth: Error in BCSP hdr checksum [ 2671.149439] Bluetooth: Error in BCSP hdr checksum [ 2671.154337] Bluetooth: Error in BCSP hdr checksum [ 2671.398347] Bluetooth: Error in BCSP hdr checksum [ 2671.403263] Bluetooth: Error in BCSP hdr checksum [ 2671.409416] Bluetooth: Error in BCSP hdr checksum [ 2671.414308] Bluetooth: Error in BCSP hdr checksum [ 2671.658864] Bluetooth: Error in BCSP hdr checksum [ 2671.663790] Bluetooth: Error in BCSP hdr checksum [ 2671.669728] Bluetooth: Error in BCSP hdr checksum [ 2671.674611] Bluetooth: Error in BCSP hdr checksum [ 2671.918323] Bluetooth: Error in BCSP hdr checksum [ 2671.923235] Bluetooth: Error in BCSP hdr checksum [ 2671.930365] Bluetooth: Error in BCSP hdr checksum [ 2671.935323] Bluetooth: Error in BCSP hdr checksum [ 2672.098184] Bluetooth: hci3 command 0x1009 tx timeout [ 2672.168018] Bluetooth: hci6 command 0x1009 tx timeout [ 2672.168022] Bluetooth: hci4 command 0x1009 tx timeout [ 2672.178759] Bluetooth: Error in BCSP hdr checksum [ 2672.183809] Bluetooth: Error in BCSP hdr checksum [ 2672.189916] Bluetooth: Error in BCSP hdr checksum [ 2672.194812] Bluetooth: Error in BCSP hdr checksum [ 2672.448997] Bluetooth: Error in BCSP hdr checksum [ 2672.449107] Bluetooth: Error in BCSP hdr checksum [ 2672.453907] Bluetooth: Error in BCSP hdr checksum [ 2672.458882] Bluetooth: Error in BCSP hdr checksum [ 2672.708446] Bluetooth: Error in BCSP hdr checksum [ 2672.709129] Bluetooth: Error in BCSP hdr checksum [ 2672.713376] Bluetooth: Error in BCSP hdr checksum [ 2672.723216] Bluetooth: Error in BCSP hdr checksum [ 2672.807941] Bluetooth: hci5 command 0x1009 tx timeout [ 2672.969036] Bluetooth: Error in BCSP hdr checksum [ 2672.969135] Bluetooth: Error in BCSP hdr checksum [ 2672.973966] Bluetooth: Error in BCSP hdr checksum [ 2672.978988] Bluetooth: Error in BCSP hdr checksum [ 2673.228390] Bluetooth: Error in BCSP hdr checksum [ 2673.228958] Bluetooth: Error in BCSP hdr checksum [ 2673.233311] Bluetooth: Error in BCSP hdr checksum [ 2673.239546] Bluetooth: Error in BCSP hdr checksum [ 2673.488353] Bluetooth: Error in BCSP hdr checksum [ 2673.493397] Bluetooth: Error in BCSP hdr checksum [ 2673.499569] Bluetooth: Error in BCSP hdr checksum [ 2673.504470] Bluetooth: Error in BCSP hdr checksum [ 2673.748240] Bluetooth: Error in BCSP hdr checksum [ 2673.753151] Bluetooth: Error in BCSP hdr checksum [ 2673.759239] Bluetooth: Error in BCSP hdr checksum [ 2673.764218] Bluetooth: Error in BCSP hdr checksum [ 2674.008221] Bluetooth: Error in BCSP hdr checksum [ 2674.008224] Bluetooth: Error in BCSP hdr checksum [ 2674.008263] Bluetooth: Error in BCSP hdr checksum [ 2674.013138] Bluetooth: Error in BCSP hdr checksum [ 2674.268364] Bluetooth: Error in BCSP hdr checksum [ 2674.268892] Bluetooth: Error in BCSP hdr checksum [ 2674.273511] Bluetooth: Error in BCSP hdr checksum [ 2674.278701] Bluetooth: Error in BCSP hdr checksum [ 2674.528239] Bluetooth: Error in BCSP hdr checksum [ 2674.532768] Bluetooth: Error in BCSP hdr checksum [ 2674.533158] Bluetooth: Error in BCSP hdr checksum [ 2674.539502] Bluetooth: Error in BCSP hdr checksum [ 2674.788178] Bluetooth: Error in BCSP hdr checksum [ 2674.793095] Bluetooth: Error in BCSP hdr checksum [ 2674.798529] Bluetooth: Error in BCSP hdr checksum [ 2674.803434] Bluetooth: Error in BCSP hdr checksum [ 2675.048198] Bluetooth: Error in BCSP hdr checksum [ 2675.053150] Bluetooth: Error in BCSP hdr checksum [ 2675.058359] Bluetooth: Error in BCSP hdr checksum [ 2675.063247] Bluetooth: Error in BCSP hdr checksum [ 2675.308124] Bluetooth: Error in BCSP hdr checksum [ 2675.308127] Bluetooth: Error in BCSP hdr checksum [ 2675.308165] Bluetooth: Error in BCSP hdr checksum [ 2675.313040] Bluetooth: Error in BCSP hdr checksum [ 2675.568098] Bluetooth: Error in BCSP hdr checksum [ 2675.568198] Bluetooth: Error in BCSP hdr checksum [ 2675.573028] Bluetooth: Error in BCSP hdr checksum [ 2675.582603] Bluetooth: Error in BCSP hdr checksum [ 2675.828051] Bluetooth: Error in BCSP hdr checksum [ 2675.828144] Bluetooth: Error in BCSP hdr checksum [ 2675.832986] Bluetooth: Error in BCSP hdr checksum [ 2675.842379] Bluetooth: Error in BCSP hdr checksum [ 2676.098433] Bluetooth: Error in BCSP hdr checksum [ 2676.103420] Bluetooth: Error in BCSP hdr checksum [ 2676.106125] Bluetooth: Error in BCSP hdr checksum [ 2676.122661] Bluetooth: Error in BCSP hdr checksum 18:43:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:03 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 18:43:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) r1 = socket(0x200000000000011, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)) ioctl$KDSKBLED(0xffffffffffffffff, 0x4b65, 0x1b39e9f3) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r3, 0xc10c5541, &(0x7f00000000c0)={0x422, 0x400}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r6, 0x0, r5, 0x0, 0x20000038, 0x0) ioctl$UI_BEGIN_FF_UPLOAD(r5, 0xc06855c8, &(0x7f0000000280)={0xf, 0x2, {0x57, 0xfffa, 0x2, {0x3, 0x6b}, {0x1, 0xf000}, @ramp={0x101, 0x81, {0x1, 0x6, 0x3}}}, {0x53, 0x1, 0x2, {0x0, 0x3000}, {0x1ff, 0x8000}, @ramp={0xfff7, 0x18, {0x2, 0x7, 0x9, 0x4}}}}) accept4$tipc(r1, &(0x7f0000000000)=@id, &(0x7f0000000080)=0x10, 0x80000) ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, &(0x7f0000000240)=0x1) [ 2676.345971] Bluetooth: Unknown HCI packet type 00 [ 2676.352871] Bluetooth: Unknown HCI packet type 5e [ 2676.363573] Bluetooth: Unknown HCI packet type 43 [ 2676.374503] Bluetooth: Unknown HCI packet type 5e [ 2676.379805] Bluetooth: Unknown HCI packet type 50 [ 2676.395631] Bluetooth: Unknown HCI packet type 5e [ 2676.400603] Bluetooth: Unknown HCI packet type 40 18:43:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) sigaltstack(&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000)) 18:43:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) r5 = openat$cgroup_ro(r3, &(0x7f0000000340)='memory.swap.current\x00', 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0x11) ioctl$KDADDIO(r2, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$GIO_FONT(r2, 0x4b60, &(0x7f0000000280)=""/139) syz_genetlink_get_family_id$devlink(&(0x7f0000000100)='devlink\x00') r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380)='devlink\x00') sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)={0x3c, r6, 0x422, 0x70bd2c, 0x25dfdbfe, {}, [{{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0xffffffff}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x20000000) 18:43:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:03 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1) prctl$PR_GET_FP_MODE(0x2e) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000000)=0x3) [ 2676.791973] audit: type=1800 audit(1590777783.638:1144): pid=30511 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15996 res=0 [ 2676.820215] Bluetooth: Unknown HCI packet type 5e [ 2676.825113] Bluetooth: Unknown HCI packet type 43 [ 2676.829512] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:43:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2676.835286] Bluetooth: hci6: Frame reassembly failed (-84) 18:43:03 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x3) [ 2676.887269] Bluetooth: Unknown HCI packet type 5e [ 2676.895625] audit: type=1804 audit(1590777783.668:1145): pid=30511 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/734/file0" dev="sda1" ino=15996 res=1 [ 2676.910973] Bluetooth: Unknown HCI packet type 50 [ 2676.976381] Bluetooth: Unknown HCI packet type 5e [ 2677.002250] audit: type=1804 audit(1590777783.838:1146): pid=30511 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/734/file0" dev="loop0" ino=1 res=1 [ 2677.004561] Bluetooth: Unknown HCI packet type 40 [ 2677.097400] Bluetooth: Short BCSP packet [ 2677.124785] minix_free_inode: bit 1 already cleared [ 2677.130526] Bluetooth: Error in BCSP hdr checksum [ 2677.347773] Bluetooth: Error in BCSP hdr checksum [ 2677.387779] Bluetooth: Error in BCSP hdr checksum [ 2677.607966] Bluetooth: Error in BCSP hdr checksum [ 2677.647770] Bluetooth: Error in BCSP hdr checksum [ 2677.867737] Bluetooth: Error in BCSP hdr checksum [ 2677.907854] Bluetooth: Error in BCSP hdr checksum [ 2678.127660] Bluetooth: Error in BCSP hdr checksum [ 2678.177898] Bluetooth: Error in BCSP hdr checksum [ 2678.387695] Bluetooth: Error in BCSP hdr checksum [ 2678.407497] Bluetooth: hci3 command 0x1003 tx timeout [ 2678.412863] Bluetooth: hci3 sending frame failed (-49) [ 2678.438206] Bluetooth: Error in BCSP hdr checksum [ 2678.647847] Bluetooth: Error in BCSP hdr checksum [ 2678.698360] Bluetooth: Error in BCSP hdr checksum [ 2678.887465] Bluetooth: hci7 command 0x1003 tx timeout [ 2678.887486] Bluetooth: hci6 command 0x1003 tx timeout [ 2678.892732] Bluetooth: hci4 command 0x1003 tx timeout [ 2678.903695] Bluetooth: hci6 sending frame failed (-49) [ 2678.905672] Bluetooth: hci4 sending frame failed (-49) [ 2678.909201] Bluetooth: hci5 command 0x1003 tx timeout [ 2678.919906] Bluetooth: Error in BCSP hdr checksum [ 2678.919937] Bluetooth: Error in BCSP hdr checksum [ 2678.929996] Bluetooth: Error in BCSP hdr checksum [ 2679.177644] Bluetooth: Error in BCSP hdr checksum [ 2679.177946] Bluetooth: Error in BCSP hdr checksum [ 2679.437854] Bluetooth: Error in BCSP hdr checksum [ 2679.437857] Bluetooth: Error in BCSP hdr checksum [ 2679.697699] Bluetooth: Error in BCSP hdr checksum [ 2679.698212] Bluetooth: Error in BCSP hdr checksum [ 2679.957830] Bluetooth: Error in BCSP hdr checksum [ 2679.957921] Bluetooth: Error in BCSP hdr checksum [ 2680.217665] Bluetooth: Error in BCSP hdr checksum [ 2680.217743] Bluetooth: Error in BCSP hdr checksum [ 2680.477786] Bluetooth: Error in BCSP hdr checksum [ 2680.477921] Bluetooth: Error in BCSP hdr checksum [ 2680.487625] Bluetooth: hci3 command 0x1001 tx timeout [ 2680.492901] Bluetooth: hci3 sending frame failed (-49) [ 2680.747595] Bluetooth: Error in BCSP hdr checksum [ 2680.747686] Bluetooth: Error in BCSP hdr checksum [ 2680.967394] Bluetooth: hci6 command 0x1001 tx timeout [ 2680.967397] Bluetooth: hci5 command 0x1001 tx timeout [ 2680.967424] Bluetooth: hci4 command 0x1001 tx timeout [ 2680.972635] Bluetooth: hci7 command 0x1001 tx timeout [ 2680.978029] Bluetooth: hci6 sending frame failed (-49) [ 2680.987808] Bluetooth: Error in BCSP hdr checksum [ 2680.991339] Bluetooth: hci4 sending frame failed (-49) [ 2681.004361] Bluetooth: Error in BCSP hdr checksum [ 2681.237576] Bluetooth: Error in BCSP hdr checksum [ 2681.242661] Bluetooth: Error in BCSP hdr checksum [ 2681.257629] Bluetooth: Error in BCSP hdr checksum [ 2681.262675] Bluetooth: Error in BCSP hdr checksum [ 2681.497536] Bluetooth: Error in BCSP hdr checksum [ 2681.502619] Bluetooth: Error in BCSP hdr checksum [ 2681.517676] Bluetooth: Error in BCSP hdr checksum [ 2681.522752] Bluetooth: Error in BCSP hdr checksum [ 2681.767593] Bluetooth: Error in BCSP hdr checksum [ 2681.772595] Bluetooth: Error in BCSP hdr checksum [ 2681.778891] Bluetooth: Error in BCSP hdr checksum [ 2681.783787] Bluetooth: Error in BCSP hdr checksum [ 2682.027455] Bluetooth: Error in BCSP hdr checksum [ 2682.032374] Bluetooth: Error in BCSP hdr checksum [ 2682.047505] Bluetooth: Error in BCSP hdr checksum [ 2682.052419] Bluetooth: Error in BCSP hdr checksum [ 2682.287618] Bluetooth: Error in BCSP hdr checksum [ 2682.292535] Bluetooth: Error in BCSP hdr checksum [ 2682.307716] Bluetooth: Error in BCSP hdr checksum [ 2682.312630] Bluetooth: Error in BCSP hdr checksum [ 2682.547457] Bluetooth: Error in BCSP hdr checksum [ 2682.552373] Bluetooth: Error in BCSP hdr checksum [ 2682.567298] Bluetooth: hci3 command 0x1009 tx timeout [ 2682.572814] Bluetooth: Error in BCSP hdr checksum [ 2682.578511] Bluetooth: Error in BCSP hdr checksum [ 2682.807537] Bluetooth: Error in BCSP hdr checksum [ 2682.812484] Bluetooth: Error in BCSP hdr checksum [ 2682.827427] Bluetooth: Error in BCSP hdr checksum [ 2682.832337] Bluetooth: Error in BCSP hdr checksum [ 2683.047248] Bluetooth: hci4 command 0x1009 tx timeout [ 2683.047252] Bluetooth: hci7 command 0x1009 tx timeout [ 2683.057767] Bluetooth: hci6 command 0x1009 tx timeout [ 2683.063045] Bluetooth: hci5 command 0x1009 tx timeout [ 2683.077577] Bluetooth: Error in BCSP hdr checksum [ 2683.082493] Bluetooth: Error in BCSP hdr checksum [ 2683.087654] Bluetooth: Error in BCSP hdr checksum [ 2683.092581] Bluetooth: Error in BCSP hdr checksum [ 2683.347547] Bluetooth: Error in BCSP hdr checksum [ 2683.352742] Bluetooth: Error in BCSP hdr checksum [ 2683.358884] Bluetooth: Error in BCSP hdr checksum [ 2683.363882] Bluetooth: Error in BCSP hdr checksum [ 2683.607661] Bluetooth: Error in BCSP hdr checksum [ 2683.608339] Bluetooth: Error in BCSP hdr checksum [ 2683.612595] Bluetooth: Error in BCSP hdr checksum [ 2683.622844] Bluetooth: Error in BCSP hdr checksum [ 2683.867437] Bluetooth: Error in BCSP hdr checksum [ 2683.872479] Bluetooth: Error in BCSP hdr checksum [ 2683.877856] Bluetooth: Error in BCSP hdr checksum [ 2683.882779] Bluetooth: Error in BCSP hdr checksum [ 2684.127346] Bluetooth: Error in BCSP hdr checksum [ 2684.132375] Bluetooth: Error in BCSP hdr checksum [ 2684.137423] Bluetooth: Error in BCSP hdr checksum [ 2684.142346] Bluetooth: Error in BCSP hdr checksum [ 2684.387353] Bluetooth: Error in BCSP hdr checksum [ 2684.392270] Bluetooth: Error in BCSP hdr checksum [ 2684.408364] Bluetooth: Error in BCSP hdr checksum [ 2684.413399] Bluetooth: Error in BCSP hdr checksum [ 2684.647317] Bluetooth: Error in BCSP hdr checksum [ 2684.652236] Bluetooth: Error in BCSP hdr checksum [ 2684.668310] Bluetooth: Error in BCSP hdr checksum [ 2684.673214] Bluetooth: Error in BCSP hdr checksum [ 2684.907240] Bluetooth: Error in BCSP hdr checksum [ 2684.912267] Bluetooth: Error in BCSP hdr checksum [ 2684.927213] Bluetooth: Error in BCSP hdr checksum [ 2684.932140] Bluetooth: Error in BCSP hdr checksum [ 2685.167201] Bluetooth: Error in BCSP hdr checksum [ 2685.172126] Bluetooth: Error in BCSP hdr checksum [ 2685.187331] Bluetooth: Error in BCSP hdr checksum [ 2685.192239] Bluetooth: Error in BCSP hdr checksum [ 2685.427270] Bluetooth: Error in BCSP hdr checksum [ 2685.432344] Bluetooth: Error in BCSP hdr checksum [ 2685.448056] Bluetooth: Error in BCSP hdr checksum [ 2685.452997] Bluetooth: Error in BCSP hdr checksum [ 2685.687239] Bluetooth: Error in BCSP hdr checksum [ 2685.692267] Bluetooth: Error in BCSP hdr checksum [ 2685.707290] Bluetooth: Error in BCSP hdr checksum [ 2685.712217] Bluetooth: Error in BCSP hdr checksum [ 2685.947307] Bluetooth: Error in BCSP hdr checksum [ 2685.952217] Bluetooth: Error in BCSP hdr checksum [ 2685.977426] Bluetooth: Error in BCSP hdr checksum [ 2685.982460] Bluetooth: Error in BCSP hdr checksum [ 2686.207301] Bluetooth: Error in BCSP hdr checksum [ 2686.212218] Bluetooth: Error in BCSP hdr checksum [ 2686.237251] Bluetooth: Error in BCSP hdr checksum [ 2686.242250] Bluetooth: Error in BCSP hdr checksum [ 2686.467309] Bluetooth: Error in BCSP hdr checksum [ 2686.472226] Bluetooth: Error in BCSP hdr checksum [ 2686.497271] Bluetooth: Error in BCSP hdr checksum [ 2686.502190] Bluetooth: Error in BCSP hdr checksum [ 2686.727187] Bluetooth: Error in BCSP hdr checksum [ 2686.732104] Bluetooth: Error in BCSP hdr checksum [ 2686.758174] Bluetooth: Error in BCSP hdr checksum [ 2686.763178] Bluetooth: Error in BCSP hdr checksum 18:43:13 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x3) 18:43:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x210200, 0x0) getpeername$netrom(r2, &(0x7f0000000200)={{0x3, @default}, [@netrom, @netrom, @netrom, @netrom, @netrom, @null, @remote, @null]}, &(0x7f0000000100)=0x48) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:43:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:13 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCGPTPEER(r1, 0x5441, 0x7) [ 2686.992803] Bluetooth: Error in BCSP hdr checksum [ 2687.007684] Bluetooth: Error in BCSP hdr checksum [ 2687.032356] Bluetooth: Error in BCSP hdr checksum [ 2687.046173] Bluetooth: Error in BCSP hdr checksum 18:43:13 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x3) [ 2687.080683] audit: type=1800 audit(1590777793.929:1147): pid=30566 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15999 res=0 [ 2687.121104] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2687.133492] Bluetooth: hci3: Frame reassembly failed (-84) 18:43:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:14 executing program 2: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@ipv6_getanyicast={0x14, 0x3e, 0x8, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40044885}, 0x80004) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000100)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) open(&(0x7f0000000000)='./file0\x00', 0xc00c2, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x10081, 0x9) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000240)={0x9, 0xb6, 0x7, 0x401, 0x8}, 0x14) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r5 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r5, &(0x7f0000000ec0)=ANY=[], 0x471) truncate(&(0x7f0000000280)='./file0\x00', 0x4) sendfile(r5, r5, &(0x7f0000000480), 0xa198) [ 2687.179479] audit: type=1804 audit(1590777793.949:1148): pid=30566 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/735/file0" dev="sda1" ino=15999 res=1 18:43:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2687.330403] audit: type=1804 audit(1590777794.179:1149): pid=30566 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/735/file0" dev="loop0" ino=1 res=1 18:43:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDGKBENT(r1, 0x4b46, &(0x7f00000003c0)={0x9, 0xff, 0x1}) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r5, 0x400455c8, 0x1) ioctl$TIOCSETD(r5, 0x5412, &(0x7f0000000040)) ioctl$VT_SETMODE(r5, 0x5602, &(0x7f0000000000)={0x9, 0x81, 0x1, 0xae8, 0x3}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) write$binfmt_elf64(r2, &(0x7f0000000240)=ANY=[@ANYRESHEX=r2, @ANYRESOCT=0x0, @ANYBLOB="ad560b0df06489fef2df1a9f6489c7c069956c8d3228098c9e21a4256f999c0c7de1e69f01a6b3fea69c082dc4d15bceb35504b612ad10d63922783d11c8552e294db7af", @ANYBLOB="bf608511933b67a462fc302f5cbe2d799783fb64ad36b51339fd8b27565bff81b234974d28687b39f9a64e452e59d6fadc5a012efa1b6839b3b19a6e668c3d0b354ec98c5a9466bd5f9c329bc01bbfe054f82c7844162a6b152c386cd0888a71d60ae2add2e1ecce7032e2d4c6a430f88bcf7463fbbf31cd90a28e42db5e3aaf760d153fe2996b6700d3a93d9f4077a30b682f99165e2ce0cab87f76d881a25f74b1d67c37874e6123ef68b066d03c52be15e4e637fd076d72bcf4bc33b0462e", @ANYRES16=r3, @ANYRES16=0x0], 0x471) sendfile(r2, r2, &(0x7f0000000480), 0xa198) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000004c0)='trusted.overlay.upper\x00', &(0x7f0000000500)={0x0, 0xfb, 0x3a, 0x6, 0x1, "333c6ef05457f3cca9b7b3772991de3b", "20e400b89fc66eed766bb891766d7629162a745cb0e23d64b9873683da6af7bd0e7dca68ca"}, 0x3a, 0x1) lsetxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)=@random={'trusted.', 'securityvmnet1-wlan0{\x00'}, &(0x7f0000000380)='lolo\x00', 0x5, 0x6) [ 2687.389571] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:43:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:14 executing program 3: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x0, 0x40000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140)='devlink\x00') sendmsg$DEVLINK_CMD_GET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB="143145a418c321a641edfdec17001000", @ANYRES16=r3, @ANYBLOB="dd07000000000000000005000000"], 0x14}}, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x20000038, 0x0) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, r3, 0x400, 0x70bd2d, 0x25dfdbff, {}, [{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r4}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040000}, 0x0) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r6, 0x400455c8, 0x4) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) r8 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0) r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_SET(r8, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="88000000", @ANYRES16=r9, @ANYBLOB="02002cbd7000fcdbdf250900000058000480540007800800030006000000080001000300000008000400ff000000080001000a00000008000200ff0000000800010017000000080003004e00000008000200070000000800040005000000080001001d0000001c000980080002009503000008000100050000000800010001000100be125ae5086a39664fc554d4c680608f6afe6961bd9dbfdb3ad9e0fd646aa22629a0baec3576c7467133caf2062508deb40eeb96de697fbdd581734e68d45a7f7e0fbd4091b4b9dbe2648584cc1e5708ee"], 0x88}, 0x1, 0x0, 0x0, 0x24000000}, 0x20040040) sendmsg$TIPC_NL_MON_SET(r7, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f00000005c0)={0x170, r9, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xc6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x14f}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffffe}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x859d}]}, @TIPC_NLA_MEDIA={0x20, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x500}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}]}, @TIPC_NLA_MEDIA={0x44, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffb}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_BEARER={0x24, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'vlan0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x45}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}]}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x401}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x40}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10001}]}, @TIPC_NLA_NET={0x4}]}, 0x170}, 0x1, 0x0, 0x0, 0x24000840}, 0x20040840) ioctl$TIOCSETD(r6, 0x5412, &(0x7f0000000040)) 18:43:14 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) r2 = inotify_init() r3 = inotify_init() r4 = dup3(r2, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 2687.468974] minix_free_inode: bit 1 already cleared 18:43:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2687.575869] Bluetooth: Unknown HCI packet type 5e [ 2687.581086] Bluetooth: Unknown HCI packet type 00 [ 2687.586197] Bluetooth: Unknown HCI packet type 43 [ 2687.590398] audit: type=1800 audit(1590777794.439:1150): pid=30617 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16007 res=0 [ 2687.617917] Bluetooth: Unknown HCI packet type 5e [ 2687.624106] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2687.641890] Bluetooth: Unknown HCI packet type 50 18:43:14 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) r2 = inotify_init() r3 = inotify_init() r4 = dup3(r2, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 2687.667232] Bluetooth: Unknown HCI packet type 5e [ 2687.694617] Bluetooth: Unknown HCI packet type 40 [ 2687.699738] audit: type=1804 audit(1590777794.459:1151): pid=30617 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/736/file0" dev="sda1" ino=16007 res=1 [ 2687.827548] minix_free_inode: bit 1 already cleared [ 2689.216658] Bluetooth: hci3 command 0x1003 tx timeout [ 2689.222004] Bluetooth: hci3 sending frame failed (-49) [ 2689.606625] Bluetooth: hci4 command 0x1003 tx timeout [ 2689.613046] Bluetooth: hci4 sending frame failed (-49) [ 2689.766705] Bluetooth: hci5 command 0x1003 tx timeout [ 2689.772048] Bluetooth: hci5 sending frame failed (-49) [ 2691.286600] Bluetooth: hci3 command 0x1001 tx timeout [ 2691.291956] Bluetooth: hci3 sending frame failed (-49) [ 2691.686582] Bluetooth: hci4 command 0x1001 tx timeout [ 2691.691924] Bluetooth: hci4 sending frame failed (-49) [ 2691.846631] Bluetooth: hci5 command 0x1001 tx timeout [ 2691.851980] Bluetooth: hci5 sending frame failed (-49) [ 2693.366489] Bluetooth: hci3 command 0x1009 tx timeout [ 2693.766368] Bluetooth: hci4 command 0x1009 tx timeout [ 2693.926424] Bluetooth: hci5 command 0x1009 tx timeout 18:43:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:24 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) r2 = inotify_init() r3 = inotify_init() r4 = dup3(r2, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 18:43:24 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x3b1b02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) 18:43:24 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$IPSET_CMD_RENAME(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, 0x5, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x13}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0x80) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) close(0xffffffffffffffff) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000040)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000180)={r6}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f00000002c0)={r6, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}}}, 0x84) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080)='batadv\x00') sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r7, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000081}, 0x20000004) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:43:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2697.350523] Bluetooth: hci3: Frame reassembly failed (-84) 18:43:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000100)={0x1, 0x0, [{0x40000000, 0xfa48, 0x6, 0x0, 0x80000000, 0x4, 0xff}]}) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f0000000000)={0x7, 0x2}) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:43:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:24 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) time(&(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:43:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2697.907101] minix_free_inode: bit 1 already cleared 18:43:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2697.927300] audit: type=1800 audit(1590777804.780:1152): pid=30682 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15988 res=0 [ 2697.980967] Bluetooth: Unknown HCI packet type 00 [ 2697.982592] Bluetooth: Unknown HCI packet type 5e [ 2698.001727] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:43:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r2, r2, &(0x7f0000000480), 0xa198) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, r3, 0x0, 0x20000038, 0x0) ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1101000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="84000000000801010000000000000000020000024c00048008000340000080000800024000000001080006400000000208000840000000070800044000000006080004400000000608000540ff0000c008000740000000040800044000000fff06000240000600000900010073797a3000000000050003002f0000000600024089170000"], 0x84}, 0x1, 0x0, 0x0, 0x840}, 0x4000) r5 = semget$private(0x0, 0x7, 0x0) semctl$SETALL(r5, 0x0, 0x11, &(0x7f0000000000)) semctl$IPC_RMID(r5, 0x0, 0x0) [ 2698.013317] audit: type=1804 audit(1590777804.780:1153): pid=30682 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/570/file0" dev="sda1" ino=15988 res=1 [ 2698.024889] Bluetooth: Unknown HCI packet type 43 18:43:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2698.083311] audit: type=1800 audit(1590777804.930:1154): pid=30702 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15994 res=0 [ 2698.111884] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2698.172197] Bluetooth: Unknown HCI packet type 5e [ 2698.216536] Bluetooth: Unknown HCI packet type 50 18:43:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2698.242423] audit: type=1804 audit(1590777804.930:1155): pid=30702 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/737/file0" dev="sda1" ino=15994 res=1 [ 2698.286193] Bluetooth: Unknown HCI packet type 5e [ 2698.291087] Bluetooth: Unknown HCI packet type 40 [ 2698.331910] audit: type=1804 audit(1590777805.130:1156): pid=30702 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/737/file0" dev="loop0" ino=1 res=1 [ 2698.377039] minix_free_inode: bit 1 already cleared [ 2699.365882] Bluetooth: hci3 command 0x1003 tx timeout [ 2699.371238] Bluetooth: hci3 sending frame failed (-49) [ 2700.005832] Bluetooth: hci4 command 0x1003 tx timeout [ 2700.011180] Bluetooth: hci4 sending frame failed (-49) [ 2700.165918] Bluetooth: hci5 command 0x1003 tx timeout [ 2700.171261] Bluetooth: hci5 sending frame failed (-49) [ 2701.445850] Bluetooth: hci3 command 0x1001 tx timeout [ 2701.451308] Bluetooth: hci3 sending frame failed (-49) [ 2702.085793] Bluetooth: hci4 command 0x1001 tx timeout [ 2702.091191] Bluetooth: hci4 sending frame failed (-49) [ 2702.245808] Bluetooth: hci5 command 0x1001 tx timeout [ 2702.251140] Bluetooth: hci5 sending frame failed (-49) [ 2703.535618] Bluetooth: hci3 command 0x1009 tx timeout [ 2704.165604] Bluetooth: hci4 command 0x1009 tx timeout [ 2704.325583] Bluetooth: hci5 command 0x1009 tx timeout 18:43:34 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:43:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2707.562848] audit: type=1800 audit(1590777814.410:1157): pid=30739 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16022 res=0 [ 2707.591827] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2707.616507] audit: type=1804 audit(1590777814.410:1158): pid=30739 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/738/file0" dev="sda1" ino=16022 res=1 [ 2707.749337] audit: type=1804 audit(1590777814.600:1159): pid=30739 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/738/file0" dev="loop0" ino=1 res=1 [ 2707.816472] minix_free_inode: bit 1 already cleared 18:43:35 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000100)={0x1, 0x0, [{0x40000000, 0xfa48, 0x6, 0x0, 0x80000000, 0x4, 0xff}]}) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f0000000000)={0x7, 0x2}) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:43:35 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000340)='/dev/null\x00', 0x240, 0x0) r3 = syz_genetlink_get_family_id$nbd(&(0x7f00000003c0)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x50, r3, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x4}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8e1}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x3}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x8000}]}, 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x4000040) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r4, 0x400455c8, 0x1) ioctl$TIOCSETD(r4, 0x5412, &(0x7f0000000040)) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0xad9) r5 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r5, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r5, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0) 18:43:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:35 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={@remote={[], 0x3}, 0x0, 'wg1\x00'}) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)=0xd) creat(&(0x7f0000000000)='./file0\x00', 0x0) 18:43:35 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="16200000", @ANYRES16=r4, @ANYBLOB="02002cbd7000dddbdf2511000000060012010101000006001401ffff00000600bd0009000000"], 0x2c}, 0x1, 0x0, 0x0, 0xd0}, 0x40) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r5 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x11, "000001000000004f080044d44eeba71a4976e252922cb18f6e2e2dba000000012e0b3832005404b0e8301a4ce875f2e3ff5fb39c030000000000000000000000080101013c58110308d9123127ecce66080000000e5bf5ff1b0816f3f6db1c00010000000000326d3a09ffc2c654000000000400"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'ipvlan0\x00', r6}) bind$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x8, r6, 0x1, 0x6, 0x6, @random="eed04d5f7464"}, 0x14) write$binfmt_elf64(r5, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r5, r5, &(0x7f0000000480), 0xa198) [ 2708.792377] minix_free_inode: bit 1 already cleared [ 2708.801240] audit: type=1800 audit(1590777815.651:1160): pid=30774 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16043 res=0 18:43:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2708.850463] Bluetooth: hci3: Frame reassembly failed (-84) [ 2708.866732] Bluetooth: Unknown HCI packet type 5e [ 2708.871633] Bluetooth: Unknown HCI packet type 43 [ 2708.917801] Bluetooth: Unknown HCI packet type 5e 18:43:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2708.942672] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2708.948683] Bluetooth: Unknown HCI packet type 50 [ 2708.960045] Bluetooth: Unknown HCI packet type 5e [ 2708.964327] audit: type=1804 audit(1590777815.751:1161): pid=30788 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/739/file0" dev="sda1" ino=16043 res=1 18:43:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2708.973627] Bluetooth: Unknown HCI packet type 40 18:43:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) [ 2709.124366] audit: type=1804 audit(1590777815.881:1162): pid=30801 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/739/file0" dev="sda1" ino=16043 res=1 [ 2709.152162] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:43:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2709.175525] Bluetooth: Short BCSP packet [ 2709.186793] Bluetooth: Short BCSP packet [ 2709.192036] Bluetooth: Error in BCSP hdr checksum 18:43:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2709.244093] audit: type=1800 audit(1590777815.931:1163): pid=30808 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16046 res=0 [ 2709.327053] audit: type=1804 audit(1590777815.941:1164): pid=30808 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/571/file0" dev="sda1" ino=16046 res=1 [ 2709.383482] audit: type=1804 audit(1590777816.211:1165): pid=30774 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/739/file0" dev="loop0" ino=1 res=1 [ 2709.435393] Bluetooth: Error in BCSP hdr checksum [ 2709.447051] Bluetooth: Error in BCSP hdr checksum [ 2709.448429] Bluetooth: Error in BCSP hdr checksum [ 2709.615617] minix_free_inode: bit 1 already cleared [ 2709.696360] Bluetooth: Error in BCSP hdr checksum [ 2709.706049] Bluetooth: Error in BCSP hdr checksum [ 2709.706984] Bluetooth: Error in BCSP hdr checksum [ 2709.955406] Bluetooth: Error in BCSP hdr checksum [ 2709.965500] Bluetooth: Error in BCSP hdr checksum [ 2709.965818] Bluetooth: Error in BCSP hdr checksum [ 2710.225359] Bluetooth: Error in BCSP hdr checksum [ 2710.225373] Bluetooth: Error in BCSP hdr checksum [ 2710.230656] Bluetooth: Error in BCSP hdr checksum [ 2710.485453] Bluetooth: Error in BCSP hdr checksum [ 2710.486021] Bluetooth: Error in BCSP hdr checksum [ 2710.490532] Bluetooth: Error in BCSP hdr checksum [ 2710.745362] Bluetooth: Error in BCSP hdr checksum [ 2710.745883] Bluetooth: Error in BCSP hdr checksum [ 2710.750344] Bluetooth: Error in BCSP hdr checksum [ 2710.885205] Bluetooth: hci4 command 0x1003 tx timeout [ 2710.890633] Bluetooth: hci3 command 0x1003 tx timeout [ 2710.890658] Bluetooth: hci4 sending frame failed (-49) [ 2710.902090] Bluetooth: hci3 sending frame failed (-49) [ 2710.965014] Bluetooth: hci6 command 0x1003 tx timeout [ 2710.965018] Bluetooth: hci7 command 0x1003 tx timeout [ 2710.965052] Bluetooth: hci5 command 0x1003 tx timeout [ 2710.970821] Bluetooth: Error in BCSP hdr checksum [ 2710.975591] Bluetooth: Error in BCSP hdr checksum [ 2710.982563] Bluetooth: Error in BCSP hdr checksum [ 2711.225451] Bluetooth: Error in BCSP hdr checksum [ 2711.226130] Bluetooth: Error in BCSP hdr checksum [ 2711.236235] Bluetooth: Error in BCSP hdr checksum [ 2711.286602] Bluetooth: hci8 command 0x1003 tx timeout [ 2711.291964] Bluetooth: hci8 sending frame failed (-49) [ 2711.485370] Bluetooth: Error in BCSP hdr checksum [ 2711.485372] Bluetooth: Error in BCSP hdr checksum [ 2711.495577] Bluetooth: Error in BCSP hdr checksum [ 2711.755306] Bluetooth: Error in BCSP hdr checksum [ 2711.755354] Bluetooth: Error in BCSP hdr checksum [ 2711.760301] Bluetooth: Error in BCSP hdr checksum [ 2712.015268] Bluetooth: Error in BCSP hdr checksum [ 2712.015289] Bluetooth: Error in BCSP hdr checksum [ 2712.025225] Bluetooth: Error in BCSP hdr checksum [ 2712.275287] Bluetooth: Error in BCSP hdr checksum [ 2712.275289] Bluetooth: Error in BCSP hdr checksum [ 2712.275522] Bluetooth: Error in BCSP hdr checksum [ 2712.280389] Bluetooth: Error in BCSP hdr checksum [ 2712.535335] Bluetooth: Error in BCSP hdr checksum [ 2712.545656] Bluetooth: Error in BCSP hdr checksum [ 2712.545828] Bluetooth: Error in BCSP hdr checksum [ 2712.795154] Bluetooth: Error in BCSP hdr checksum [ 2712.800154] Bluetooth: Error in BCSP hdr checksum [ 2712.815413] Bluetooth: Error in BCSP hdr checksum [ 2712.815415] Bluetooth: Error in BCSP hdr checksum [ 2712.965017] Bluetooth: hci3 command 0x1001 tx timeout [ 2712.970276] Bluetooth: hci4 command 0x1001 tx timeout [ 2712.970357] Bluetooth: hci3 sending frame failed (-49) [ 2712.977613] Bluetooth: hci4 sending frame failed (-49) [ 2713.044880] Bluetooth: hci5 command 0x1001 tx timeout [ 2713.044915] Bluetooth: hci6 command 0x1001 tx timeout [ 2713.050591] Bluetooth: Error in BCSP hdr checksum [ 2713.060763] Bluetooth: hci7 command 0x1001 tx timeout [ 2713.065429] Bluetooth: Error in BCSP hdr checksum [ 2713.071019] Bluetooth: Error in BCSP hdr checksum [ 2713.305196] Bluetooth: Error in BCSP hdr checksum [ 2713.310307] Bluetooth: Error in BCSP hdr checksum [ 2713.315662] Bluetooth: Error in BCSP hdr checksum [ 2713.320555] Bluetooth: Error in BCSP hdr checksum [ 2713.325822] Bluetooth: Error in BCSP hdr checksum [ 2713.330709] Bluetooth: Error in BCSP hdr checksum [ 2713.364941] Bluetooth: hci8 command 0x1001 tx timeout [ 2713.370355] Bluetooth: hci8 sending frame failed (-49) [ 2713.565299] Bluetooth: Error in BCSP hdr checksum [ 2713.570217] Bluetooth: Error in BCSP hdr checksum [ 2713.575116] Bluetooth: Error in BCSP hdr checksum [ 2713.575159] Bluetooth: Error in BCSP hdr checksum [ 2713.585414] Bluetooth: Error in BCSP hdr checksum [ 2713.590294] Bluetooth: Error in BCSP hdr checksum [ 2713.835541] Bluetooth: Error in BCSP hdr checksum [ 2713.835603] Bluetooth: Error in BCSP hdr checksum [ 2713.845949] Bluetooth: Error in BCSP hdr checksum [ 2713.850939] Bluetooth: Error in BCSP hdr checksum [ 2713.856349] Bluetooth: Error in BCSP hdr checksum [ 2713.861362] Bluetooth: Error in BCSP hdr checksum [ 2714.095296] Bluetooth: Error in BCSP hdr checksum [ 2714.095298] Bluetooth: Error in BCSP hdr checksum [ 2714.095334] Bluetooth: Error in BCSP hdr checksum [ 2714.100252] Bluetooth: Error in BCSP hdr checksum [ 2714.115214] Bluetooth: Error in BCSP hdr checksum [ 2714.120098] Bluetooth: Error in BCSP hdr checksum [ 2714.355818] Bluetooth: Error in BCSP hdr checksum [ 2714.360870] Bluetooth: Error in BCSP hdr checksum [ 2714.360917] Bluetooth: Error in BCSP hdr checksum [ 2714.371658] Bluetooth: Error in BCSP hdr checksum [ 2714.375403] Bluetooth: Error in BCSP hdr checksum [ 2714.381416] Bluetooth: Error in BCSP hdr checksum [ 2714.615290] Bluetooth: Error in BCSP hdr checksum [ 2714.620346] Bluetooth: Error in BCSP hdr checksum [ 2714.626526] Bluetooth: Error in BCSP hdr checksum [ 2714.626989] Bluetooth: Error in BCSP hdr checksum [ 2714.636876] Bluetooth: Error in BCSP hdr checksum [ 2714.641945] Bluetooth: Error in BCSP hdr checksum [ 2714.875044] Bluetooth: Error in BCSP hdr checksum [ 2714.875398] Bluetooth: Error in BCSP hdr checksum [ 2714.880138] Bluetooth: Error in BCSP hdr checksum [ 2714.891830] Bluetooth: Error in BCSP hdr checksum [ 2714.897132] Bluetooth: Error in BCSP hdr checksum [ 2714.902062] Bluetooth: Error in BCSP hdr checksum [ 2715.044904] Bluetooth: hci3 command 0x1009 tx timeout [ 2715.044908] Bluetooth: hci4 command 0x1009 tx timeout [ 2715.124766] Bluetooth: hci7 command 0x1009 tx timeout [ 2715.130130] Bluetooth: hci6 command 0x1009 tx timeout [ 2715.136282] Bluetooth: hci5 command 0x1009 tx timeout [ 2715.141934] Bluetooth: Error in BCSP hdr checksum [ 2715.146024] Bluetooth: Error in BCSP hdr checksum [ 2715.151581] Bluetooth: Error in BCSP hdr checksum [ 2715.151808] Bluetooth: Error in BCSP hdr checksum [ 2715.161781] Bluetooth: Error in BCSP hdr checksum [ 2715.166960] Bluetooth: Error in BCSP hdr checksum [ 2715.394974] Bluetooth: Error in BCSP hdr checksum [ 2715.395147] Bluetooth: Error in BCSP hdr checksum [ 2715.400010] Bluetooth: Error in BCSP hdr checksum [ 2715.404943] Bluetooth: Error in BCSP hdr checksum [ 2715.415465] Bluetooth: Error in BCSP hdr checksum [ 2715.420525] Bluetooth: Error in BCSP hdr checksum [ 2715.444761] Bluetooth: hci8 command 0x1009 tx timeout [ 2715.655700] Bluetooth: Error in BCSP hdr checksum [ 2715.655941] Bluetooth: Error in BCSP hdr checksum [ 2715.660798] Bluetooth: Error in BCSP hdr checksum [ 2715.672368] Bluetooth: Error in BCSP hdr checksum [ 2715.677675] Bluetooth: Error in BCSP hdr checksum [ 2715.682574] Bluetooth: Error in BCSP hdr checksum [ 2715.915310] Bluetooth: Error in BCSP hdr checksum [ 2715.915468] Bluetooth: Error in BCSP hdr checksum [ 2715.920270] Bluetooth: Error in BCSP hdr checksum [ 2715.926669] Bluetooth: Error in BCSP hdr checksum [ 2715.945124] Bluetooth: Error in BCSP hdr checksum [ 2715.950141] Bluetooth: Error in BCSP hdr checksum [ 2716.175799] Bluetooth: Error in BCSP hdr checksum [ 2716.175847] Bluetooth: Error in BCSP hdr checksum [ 2716.185281] Bluetooth: Error in BCSP hdr checksum [ 2716.187146] Bluetooth: Error in BCSP hdr checksum [ 2716.214949] Bluetooth: Error in BCSP hdr checksum [ 2716.220006] Bluetooth: Error in BCSP hdr checksum [ 2716.435368] Bluetooth: Error in BCSP hdr checksum [ 2716.435486] Bluetooth: Error in BCSP hdr checksum [ 2716.440305] Bluetooth: Error in BCSP hdr checksum [ 2716.446684] Bluetooth: Error in BCSP hdr checksum [ 2716.485077] Bluetooth: Error in BCSP hdr checksum [ 2716.490048] Bluetooth: Error in BCSP hdr checksum [ 2716.695619] Bluetooth: Error in BCSP hdr checksum [ 2716.695862] Bluetooth: Error in BCSP hdr checksum [ 2716.706676] Bluetooth: Error in BCSP hdr checksum [ 2716.709644] Bluetooth: Error in BCSP hdr checksum [ 2716.745043] Bluetooth: Error in BCSP hdr checksum [ 2716.750029] Bluetooth: Error in BCSP hdr checksum [ 2716.955161] Bluetooth: Error in BCSP hdr checksum [ 2716.955313] Bluetooth: Error in BCSP hdr checksum [ 2716.960088] Bluetooth: Error in BCSP hdr checksum [ 2716.966383] Bluetooth: Error in BCSP hdr checksum [ 2717.005038] Bluetooth: Error in BCSP hdr checksum [ 2717.009975] Bluetooth: Error in BCSP hdr checksum [ 2717.215554] Bluetooth: Error in BCSP hdr checksum [ 2717.215981] Bluetooth: Error in BCSP hdr checksum [ 2717.226666] Bluetooth: Error in BCSP hdr checksum [ 2717.229851] Bluetooth: Error in BCSP hdr checksum [ 2717.274853] Bluetooth: Error in BCSP hdr checksum [ 2717.279782] Bluetooth: Error in BCSP hdr checksum [ 2717.474868] Bluetooth: Error in BCSP hdr checksum [ 2717.474977] Bluetooth: Error in BCSP hdr checksum [ 2717.479818] Bluetooth: Error in BCSP hdr checksum [ 2717.486422] Bluetooth: Error in BCSP hdr checksum [ 2717.534950] Bluetooth: Error in BCSP hdr checksum [ 2717.540003] Bluetooth: Error in BCSP hdr checksum [ 2717.734871] Bluetooth: Error in BCSP hdr checksum [ 2717.734993] Bluetooth: Error in BCSP hdr checksum [ 2717.739840] Bluetooth: Error in BCSP hdr checksum [ 2717.750100] Bluetooth: Error in BCSP hdr checksum [ 2717.794846] Bluetooth: Error in BCSP hdr checksum [ 2717.799822] Bluetooth: Error in BCSP hdr checksum [ 2717.995108] Bluetooth: Error in BCSP hdr checksum [ 2717.995339] Bluetooth: Error in BCSP hdr checksum [ 2718.000059] Bluetooth: Error in BCSP hdr checksum [ 2718.005268] Bluetooth: Error in BCSP hdr checksum [ 2718.054807] Bluetooth: Error in BCSP hdr checksum [ 2718.059803] Bluetooth: Error in BCSP hdr checksum [ 2718.254819] Bluetooth: Error in BCSP hdr checksum [ 2718.254976] Bluetooth: Error in BCSP hdr checksum [ 2718.259811] Bluetooth: Error in BCSP hdr checksum [ 2718.266117] Bluetooth: Error in BCSP hdr checksum [ 2718.314950] Bluetooth: Error in BCSP hdr checksum [ 2718.319963] Bluetooth: Error in BCSP hdr checksum [ 2718.514828] Bluetooth: Error in BCSP hdr checksum [ 2718.514830] Bluetooth: Error in BCSP hdr checksum [ 2718.514867] Bluetooth: Error in BCSP hdr checksum [ 2718.519773] Bluetooth: Error in BCSP hdr checksum [ 2718.574702] Bluetooth: Error in BCSP hdr checksum [ 2718.579917] Bluetooth: Error in BCSP hdr checksum [ 2718.585130] Bluetooth: Error in BCSP hdr checksum [ 2718.775137] Bluetooth: Error in BCSP hdr checksum [ 2718.779892] Bluetooth: Error in BCSP hdr checksum [ 2718.780057] Bluetooth: Error in BCSP hdr checksum [ 2718.786154] Bluetooth: Error in BCSP hdr checksum [ 2718.834834] Bluetooth: Error in BCSP hdr checksum [ 2718.839927] Bluetooth: Error in BCSP hdr checksum [ 2719.036802] Bluetooth: Error in BCSP hdr checksum [ 2719.041979] Bluetooth: Error in BCSP hdr checksum 18:43:46 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000100)={0x1, 0x0, [{0x40000000, 0xfa48, 0x6, 0x0, 0x80000000, 0x4, 0xff}]}) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f0000000000)={0x7, 0x2}) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:43:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x40000, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) execveat(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000400)=[&(0x7f00000002c0)='/dev/null\x00', &(0x7f0000000300)='minix\x00', &(0x7f0000000340)='minix\x00', &(0x7f0000000380)='+\x00', &(0x7f00000003c0)='minix\x00'], &(0x7f0000000980)=[&(0x7f0000000440)='/dev/null\x00', &(0x7f00000004c0)='minix\x00', &(0x7f0000000500)='posix_acl_accessGPL]vmnet0bdevvmnet1@}ppp1%+{}!\x00', &(0x7f0000000540)='cgroup+\x00', &(0x7f0000000580)='eth0securitykeyring\x00', &(0x7f00000005c0)='/dev/null\x00', &(0x7f0000000600)='eth0eth0/%)\xfcposix_acl_access\x00'], 0x400) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x48) close(r4) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000040)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000180)={r6}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000180)=r6, 0x4) r7 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0xaaaaaaaaaaaac17, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) fchmodat(r7, &(0x7f0000000000)='./file0\x00', 0x194) r8 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r8, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r8, r8, &(0x7f0000000480), 0xa198) 18:43:46 executing program 3: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x3, 0x840) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x3, 0x200000) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:43:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x44600, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$KDADDIO(r1, 0x400455c8, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000080)=0xfffffffe) syz_open_dev$ttys(0xc, 0x2, 0x1) syz_open_pts(r2, 0x100) ioctl$ASHMEM_SET_PROT_MASK(0xffffffffffffffff, 0x40087705, &(0x7f0000000000)={0x3, 0x6}) [ 2719.656566] minix_free_inode: bit 1 already cleared [ 2719.675023] Bluetooth: hci3: Frame reassembly failed (-84) [ 2719.686388] Bluetooth: Unknown HCI packet type 00 [ 2719.687309] Bluetooth: Unknown HCI packet type 5e [ 2719.767024] Bluetooth: Unknown HCI packet type 43 [ 2719.796360] audit: type=1800 audit(1590777826.651:1166): pid=30894 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16060 res=0 [ 2719.803123] Bluetooth: Unknown HCI packet type 5e 18:43:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2719.837754] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2719.918127] audit: type=1804 audit(1590777826.671:1167): pid=30898 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/740/file0" dev="sda1" ino=16057 res=1 [ 2719.936175] Bluetooth: Unknown HCI packet type 50 [ 2720.031210] Bluetooth: Unknown HCI packet type 5e [ 2720.036904] Bluetooth: Error in BCSP hdr checksum [ 2720.055356] audit: type=1804 audit(1590777826.671:1168): pid=30894 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/572/file0" dev="sda1" ino=16060 res=1 [ 2720.068650] Bluetooth: Unknown HCI packet type 40 18:43:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2720.295185] Bluetooth: Error in BCSP hdr checksum 18:43:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2720.551919] audit: type=1804 audit(1590777827.401:1169): pid=30943 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/740/file0" dev="sda1" ino=16057 res=1 [ 2720.589804] Bluetooth: Error in BCSP hdr checksum 18:43:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2720.844458] Bluetooth: Error in BCSP hdr checksum [ 2721.104612] Bluetooth: Error in BCSP hdr checksum [ 2721.376109] Bluetooth: Error in BCSP hdr checksum [ 2721.634397] Bluetooth: Error in BCSP hdr checksum [ 2721.684260] Bluetooth: hci3 command 0x1003 tx timeout [ 2721.689717] Bluetooth: hci3 sending frame failed (-49) [ 2721.764210] Bluetooth: hci4 command 0x1003 tx timeout [ 2721.769703] Bluetooth: hci4 sending frame failed (-49) [ 2721.775427] Bluetooth: hci5 command 0x1003 tx timeout [ 2721.780734] Bluetooth: hci5 sending frame failed (-49) [ 2721.844267] Bluetooth: hci6 command 0x1003 tx timeout [ 2721.849963] Bluetooth: Error in BCSP hdr checksum [ 2722.004291] Bluetooth: hci7 command 0x1003 tx timeout [ 2722.009692] Bluetooth: hci7 sending frame failed (-49) [ 2722.104457] Bluetooth: Error in BCSP hdr checksum [ 2722.364647] Bluetooth: Error in BCSP hdr checksum [ 2722.624412] Bluetooth: Error in BCSP hdr checksum [ 2722.884890] Bluetooth: Error in BCSP hdr checksum [ 2723.144272] Bluetooth: Error in BCSP hdr checksum [ 2723.149365] Bluetooth: Error in BCSP hdr checksum [ 2723.404405] Bluetooth: Error in BCSP hdr checksum [ 2723.664451] Bluetooth: Error in BCSP hdr checksum [ 2723.764139] Bluetooth: hci3 command 0x1001 tx timeout [ 2723.769489] Bluetooth: hci3 sending frame failed (-49) [ 2723.844202] Bluetooth: hci5 command 0x1001 tx timeout [ 2723.844218] Bluetooth: hci4 command 0x1001 tx timeout [ 2723.849522] Bluetooth: hci5 sending frame failed (-49) [ 2723.859600] Bluetooth: hci4 sending frame failed (-49) [ 2723.924134] Bluetooth: hci6 command 0x1001 tx timeout [ 2723.929714] Bluetooth: Error in BCSP hdr checksum [ 2723.934796] Bluetooth: Error in BCSP hdr checksum [ 2724.094171] Bluetooth: hci7 command 0x1001 tx timeout [ 2724.100038] Bluetooth: hci7 sending frame failed (-49) [ 2724.184452] Bluetooth: Error in BCSP hdr checksum [ 2724.189516] Bluetooth: Error in BCSP hdr checksum [ 2724.444276] Bluetooth: Error in BCSP hdr checksum [ 2724.449264] Bluetooth: Error in BCSP hdr checksum [ 2724.704498] Bluetooth: Error in BCSP hdr checksum [ 2724.709495] Bluetooth: Error in BCSP hdr checksum [ 2724.964294] Bluetooth: Error in BCSP hdr checksum [ 2724.969407] Bluetooth: Error in BCSP hdr checksum [ 2725.224381] Bluetooth: Error in BCSP hdr checksum [ 2725.229301] Bluetooth: Error in BCSP hdr checksum [ 2725.494177] Bluetooth: Error in BCSP hdr checksum [ 2725.499881] Bluetooth: Error in BCSP hdr checksum [ 2725.754249] Bluetooth: Error in BCSP hdr checksum [ 2725.759258] Bluetooth: Error in BCSP hdr checksum [ 2725.844029] Bluetooth: hci3 command 0x1009 tx timeout [ 2725.923970] Bluetooth: hci5 command 0x1009 tx timeout [ 2725.934153] Bluetooth: hci4 command 0x1009 tx timeout [ 2726.013955] Bluetooth: hci6 command 0x1009 tx timeout [ 2726.019569] Bluetooth: Error in BCSP hdr checksum [ 2726.024885] Bluetooth: Error in BCSP hdr checksum [ 2726.029772] Bluetooth: Error in BCSP hdr checksum [ 2726.174082] Bluetooth: hci7 command 0x1009 tx timeout [ 2726.285027] Bluetooth: Error in BCSP hdr checksum [ 2726.290027] Bluetooth: Error in BCSP hdr checksum [ 2726.544410] Bluetooth: Error in BCSP hdr checksum [ 2726.549482] Bluetooth: Error in BCSP hdr checksum [ 2726.804171] Bluetooth: Error in BCSP hdr checksum [ 2726.809106] Bluetooth: Error in BCSP hdr checksum [ 2727.064065] Bluetooth: Error in BCSP hdr checksum [ 2727.069007] Bluetooth: Error in BCSP hdr checksum [ 2727.324192] Bluetooth: Error in BCSP hdr checksum [ 2727.329109] Bluetooth: Error in BCSP hdr checksum [ 2727.584018] Bluetooth: Error in BCSP hdr checksum [ 2727.589233] Bluetooth: Error in BCSP hdr checksum [ 2727.844325] Bluetooth: Error in BCSP hdr checksum [ 2727.849517] Bluetooth: Error in BCSP hdr checksum [ 2728.104245] Bluetooth: Error in BCSP hdr checksum [ 2728.109316] Bluetooth: Error in BCSP hdr checksum [ 2728.363993] Bluetooth: Error in BCSP hdr checksum [ 2728.369122] Bluetooth: Error in BCSP hdr checksum [ 2728.624087] Bluetooth: Error in BCSP hdr checksum [ 2728.629167] Bluetooth: Error in BCSP hdr checksum [ 2728.884141] Bluetooth: Error in BCSP hdr checksum [ 2728.889080] Bluetooth: Error in BCSP hdr checksum [ 2729.144001] Bluetooth: Error in BCSP hdr checksum [ 2729.149052] Bluetooth: Error in BCSP hdr checksum [ 2729.403871] Bluetooth: Error in BCSP hdr checksum [ 2729.408997] Bluetooth: Error in BCSP hdr checksum [ 2729.663958] Bluetooth: Error in BCSP hdr checksum [ 2729.668901] Bluetooth: Error in BCSP hdr checksum 18:43:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:57 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$TIOCEXCL(r1, 0x540c) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:43:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x10001}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0x400086) write$cgroup_int(r2, &(0x7f0000000280)=0x8, 0x12) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100008, 0x500001c) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x20000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r3, 0x2402, 0xe43) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) close(r2) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40305839, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:43:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000100)={0x1, 0x0, [{0x40000000, 0xfa48, 0x6, 0x0, 0x80000000, 0x4, 0xff}]}) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:43:57 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2730.543932] audit: type=1800 audit(1590777837.402:1170): pid=30985 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16145 res=0 [ 2730.545205] minix_free_inode: bit 1 already cleared [ 2730.577780] Bluetooth: hci3: Frame reassembly failed (-84) 18:43:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:43:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2730.645483] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2730.666275] audit: type=1804 audit(1590777837.422:1171): pid=30985 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/741/file0" dev="sda1" ino=16145 res=1 [ 2730.754325] Bluetooth: hci5: Frame reassembly failed (-84) [ 2730.830479] Bluetooth: Unknown HCI packet type 5e [ 2730.836189] Bluetooth: Unknown HCI packet type 43 [ 2730.841251] Bluetooth: Unknown HCI packet type 00 [ 2730.846349] audit: type=1800 audit(1590777837.692:1172): pid=31021 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16209 res=0 [ 2730.855998] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2730.881285] Bluetooth: Unknown HCI packet type 5e [ 2730.892545] Bluetooth: Unknown HCI packet type 50 [ 2730.899190] Bluetooth: Unknown HCI packet type 5e [ 2730.906229] audit: type=1804 audit(1590777837.702:1173): pid=31021 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/573/file0" dev="sda1" ino=16209 res=1 [ 2730.938930] Bluetooth: Unknown HCI packet type 40 18:43:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2730.967128] audit: type=1804 audit(1590777837.812:1174): pid=31028 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/573/file0" dev="sda1" ino=16209 res=1 [ 2731.121874] audit: type=1804 audit(1590777837.852:1175): pid=31006 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir287874862/syzkaller.Q6hU4U/425/memory.events" dev="sda1" ino=16161 res=1 18:43:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2731.174271] audit: type=1804 audit(1590777837.862:1176): pid=31012 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir287874862/syzkaller.Q6hU4U/425/memory.events" dev="sda1" ino=16161 res=1 18:43:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:43:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2732.653472] Bluetooth: hci4 command 0x1003 tx timeout [ 2732.658832] Bluetooth: hci3 command 0x1003 tx timeout [ 2732.658871] Bluetooth: hci4 sending frame failed (-49) [ 2732.666830] Bluetooth: hci3 sending frame failed (-49) [ 2732.803391] Bluetooth: hci5 command 0x1003 tx timeout [ 2732.808810] Bluetooth: hci5 sending frame failed (-49) [ 2732.883408] Bluetooth: hci6 command 0x1003 tx timeout [ 2732.888856] Bluetooth: hci6 sending frame failed (-49) [ 2733.123433] Bluetooth: hci7 command 0x1003 tx timeout [ 2733.128835] Bluetooth: hci7 sending frame failed (-49) [ 2734.723367] Bluetooth: hci4 command 0x1001 tx timeout [ 2734.730414] Bluetooth: hci4 sending frame failed (-49) [ 2734.735833] Bluetooth: hci3 command 0x1001 tx timeout [ 2734.741104] Bluetooth: hci3 sending frame failed (-49) [ 2734.883308] Bluetooth: hci5 command 0x1001 tx timeout [ 2734.888654] Bluetooth: hci5 sending frame failed (-49) [ 2734.963341] Bluetooth: hci6 command 0x1001 tx timeout [ 2734.968746] Bluetooth: hci6 sending frame failed (-49) [ 2735.203277] Bluetooth: hci7 command 0x1001 tx timeout [ 2735.208737] Bluetooth: hci7 sending frame failed (-49) [ 2736.803270] Bluetooth: hci3 command 0x1009 tx timeout [ 2736.813454] Bluetooth: hci4 command 0x1009 tx timeout [ 2736.963194] Bluetooth: hci5 command 0x1009 tx timeout [ 2737.043150] Bluetooth: hci6 command 0x1009 tx timeout [ 2737.283190] Bluetooth: hci7 command 0x1009 tx timeout 18:44:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:07 executing program 1: ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000000)={@my=0x1}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x12000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2740.794016] minix_free_inode: bit 1 already cleared 18:44:08 executing program 3: timerfd_create(0x2, 0x80000) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$GIO_UNISCRNMAP(r1, 0x4b69, &(0x7f0000000080)=""/119) 18:44:08 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x10) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x14d182, 0x2) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) r2 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) r4 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r4, &(0x7f0000000200)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) r6 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'sit0\x00'}) bind$packet(r6, &(0x7f0000000100)={0x11, 0x1b, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r6, &(0x7f0000000d00), 0x400004e, 0x0) sendfile(r1, r6, &(0x7f0000000480), 0xa198) 18:44:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x3) 18:44:08 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000100)={0x1, 0x0, [{0x40000000, 0xfa48, 0x6, 0x0, 0x80000000, 0x4, 0xff}]}) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:44:08 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) statx(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x6000, 0x4, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket(0x100000000011, 0x0, 0x0) r4 = geteuid() setsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@loopback, @in6=@local, 0x4e22, 0x8000, 0x4e22, 0x0, 0x2, 0x60, 0xa0, 0x3c, 0x0, r4}, {0x5, 0x100000001, 0xffff, 0x5, 0x8, 0x6, 0x0, 0x2}, {0x10001, 0x0, 0x1, 0x3}, 0x0, 0x6e6bb8, 0x1, 0x1, 0x2, 0x2}, {{@in6=@dev, 0x0, 0x32}, 0x2, @in6=@private0, 0x3505, 0x3, 0x3, 0x9b, 0xb650, 0x40, 0x400}}, 0xe4) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@loose='loose'}, {@dfltgid={'dfltgid', 0x3d, r8}}]}}) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001bc0)=[{&(0x7f0000000040)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000000c0)=[{&(0x7f00000002c0)="6f5768e45f84a4040741ba96ff09ff8ad3def08acebc3f3525b9417337f0751d9729ca9dc1cd6786136cfc72f89f25790987008cb0ed6d2c9f0c20c28b67c78a979da0a86695d44f703a6b7159feefd4ee0fdd77201290e6c10ce435757052be03b82665f1e08e68e5465d15ad5f242a473a4d23c9adfcc4f6277607ae9b6881470db4d394b3e5f2fdab45732f83d0ac11ceb407a9fe5c4d6d3f286b00d9a0bbb7add7bd6ed768b65f9e3951ccf85ed9d70f589d69857d11bb54e96d86f5ff39a91ccf74b58332f04847e6d95cb96b2ee9d5dad9a85e0a3f9f23fd4115d512e829da9055af63baf33ccba1023cfd6a91d8a03b83b49bbccab5d5a024bb9572076d3a041cf8f5cb0dd2a22cc79106ec5237d3a6a23395bc0581d3fac7552b0c6cce5c3e89cf1cb95672c96ee994fdaad309f54b60f5e3073ac7e85f9bf524f5b9cd935d8b49aaf19814db9e2b8e2b134de72f1ec969c6fd32e96628c8457f3b2028ce486a4a13147e0a1d1e4a3f2745c55103a12aa593bef497b4f8b28d0dd05a73f05949fa9fb6cd2f704d4ddd76fbdfbd216cf3a82d3eb13d73b1d3168692228188ffe21e6286e6fa178bfc5f4717918f253e5f1f5d4b4d884f66f8341170a19cc92dd8fe938d2649c203f6fb02839d89002441405e044f3439fec8435935b213e6ecf50c14e3a9d5d5b229d29ab142dcc94e64b316e69fb944bda214a50d5b61fcc5eb71fdbefdd5ef72d71afb1ebab59fc61b37f293986b9240d8beef5746d90f75f7fb4a871473d6d57cec25a576d4512ca8594d0387341b82e41e64a8c967268aa7fb17beb03dec634679133cf36cf11e4706b1cee950c6c2614f4a4883a550137d4d0dca0574a3fc28d245090eff18591627894839384c90563ab544ddee1ba062f80c19d2619427f151b387dae1747d0a3667cc55da4f33d8b5a401927c5dcad2887c7caeeba9e50ad1065a80315eff1ff5af4848f3de4d016cb1051a4ab68a303fadc63093e5651458583cb8dce9edf686fb57844ec0c9b2926383cbab3dd3b8f5255002fb79ac2e4b14064781c7ee95f3686250e8fd41b302725669f0b487bd3b1ccc463ef2968a9a737ee46aba9a2f70ef0f7a51bf5cf8cd1934c8d785137b9f69e3dbdf516c9c92291d401cb3e91e56058927387017eb52fe0ecf5064a6dc0c13413f52d51ebee288f68169a3aa3f42b7e17486dd111edcec1aaa2e710d163dd2bea08b7c8d53673b9d7f574bf247130a134bd96e6a5153deb1d86a3da12833e0e0bb03a7352553e5884dd33a7b96460046e1bac0301c16466d546d3fffc6b42700e130787ac104c9f1e9c19b26349985af651414712a890d26824f7ac949330a2e526511288c28b277571eece02fc4fea25ee58c97f32228b3afa93632e7953cc887f59b0da6298d4240ec17317be633d68e76ac4dc3b4dd3687cf80aa0df77a4f5c6874f9a1fa1a04e58e2f13a61b87695596a4ebca9b0b151aae979398c2fe15593c55b558fb50b7bdc8fbc753d9a4b91714dd1aaff6c7db312708a9f53239af5efceb9aea850341ea999fc859f3f3b3fa8410783363efe4577e2f8e1b3d01b4b763f8b52b1afaa7d049f48d4408d06a2932cb554b42be82778ecc43ed919b1e8622aeeb5676f954862997e6fb76376814d7858b5389fcaeef735ee177ad04b184cd1e07a930523ad9458c870578821151a7f2dac90c4c4c9739d5187442638b2309113c4370931b269ba891f0d37c43669ff66762416c906672be4fd93cddd104f20c7de8a6a90294232740694f6291a3d62874c34a2a1fbf9db7eab9f863e2c2375bb71fc90f5e67e5cfa09fbd40c2423bb575665300344f9b19605354e1b8fc3bfcb84323d7c4f1049b8e1a931a836419050848bb7e1b62fb9bb3bc792aa7b491c00c66c4fc0f5cf8169e9d5d958a975b3e9e9c5ddc6c329e205d0375c039f2ec1a9a13a6e2d44e12185eff0a4c7c0676c0f182444ec27e555c702caeebab497b9e68e77460ff9e2b78eb99f31bc257f739993d5585c8a5ead074f20fb776baeaf5436edc807d17931d9d242f8e793762df3de3954afc694a53a2c4d836229ccd34464105aacba3e32c1d2c7e56af649274639022226c86633dd1c5d1b337470dd41bbb48c9b963a0ee5495d982bf8bc52229942f14fe70d422edf4914f43c21c51e9798c3c13e15ac4ec833fa7c9f7d6a986412cf092ade2af18d3a9eb92285463419d19cb58523b7c492452f73f9d88d2efda6bd6876d27378224575ca1780027ac31d5febf087a2c179af050b81d61de83c044fa83dedda2239618adf2f20b55e099b661c2fb61b2c7788adf15d096d7e4351fbbfc82e6a6b021fd20a5b85c2c18edd3fb0b8a791db04ad06703bf27954e5eaf509227a7d56d1dd3a27abf4292241f41976f6144b22a67e5c2b2faca6228a75dc1d8fc472139da25e446dc30170a57dd3c1b455dd897ab95426055682380890088215a702719afc79dddd2137dcad98976a8951e493847fc39c80ecc9928a5b7f6b92dc2816601998b078daacccb5ae66aed43fc5c286677a2a0eab5f61bf6c6d9d34db773382fe7cacbd20813edf6d548162d55739fec4fed52321ebcc68309a931ca118a56850223fc32aa06bb96846d6baa9467a0d286e8ff78a074eaf65cf5bd5dc065e510fdd212f07918fd4dd0a26269ad7d42e1d6dbef2da881bb349aebb05e14c1051c5a42db50cc4f1b080de3ac001d75c0443b8084bebe6474d46cef5e06262dda2974771c947f33fb125bbead8a3d4573cbb35d3ad6fde12e81fcaec90e82a1b6a0281eb49e146576cf893110ea14a6204327a1ebbc9d229a4fa5a0ba70a2ce044697408bdbf4d00bf5ea00274dd25bc00cca89f4d50cacbb205f511b9266933c48ff72f4b20410070526350e4c4b5fa5959012c2696ce7af61a4e2d338969e21009d993f6e1ffc3721a0927cb779d49fb685972f5d466ba30f1841cf796b263870a0873460063a770e4dc30dd2b9651f3008c1afc154d49aebaa82de40cd825c3121caab1bca8aed773370d71722ade925b8c6cae999ff592a3d624f4419c651eccd69034491e91ed4fff23eecdb5ee6571499e06423bc2a86df9451d437a09917a1ddf884e56b964ad32bf8d9333ec7ca792d957d7303f43f0ddf9d8b2d61db8b78a550462bde7be5e3bea92ac0491a417f3def4b76f99a958b86b3f790c4c71e63cc5a47e8b50f6e4bb12b348e5218d5ad9affb271422fba457c27ce22407994af4448366730ccfdb8ceb3604590fb210ab16cbf152db865c6fe31556e843acb79d6eff380773e8d9ec02831102e4ab642fdefa7929f8538a9c2ecedde93836654636942db11452d85c1d7eec3a46e34aa689601f92ee02f0506f1cf542067b9bb0f4e598e202e815598c6da9cf6e9d3d4c2b46112e580b45007bd8e8b5adcd0f08399d2fd86f62e725390a5b7b8b3a1d91f9b2200586d287e31bd4f7631e3e87b10cb8b6bde53aef44a3fe63bd8722000a15699f9d061f2409189b93e184ec59d8c1d0e957050c4e26f484b096f43b26668d2f8c7e71216d0941dbeecc66674835b8ebb9a9102a8783887d16c5109039ee88b19ac5d8a7b5da9b75161687c8d4cc92f7fe66c558a78f3076514950b2cf2e91a461896b1c9ab81dd3502fb302340bf5081248bfd4296d6e845fb8fc7616d65938c151bc6e42d5930caff1574e2f6ced8e3789d947038d10fbf489fa04df0483875ef9632a47ea1533d81ffec6ea79e1b9b110134066513533d2ff9b5f7cb7d78bb413d82d36428d15d79bdf6866d1331d45e49062146ccbe37622a1162681fe0df3ea1960f7042cdfbccef2953280e7fa15d7767baec8c0377b59562ebaa2ad2205f06cafd31d28b0d69980a94eaacbd2023e747956217a9ab66273d068b6775b60eef9b8d2731b461115a5c101b69ac64e2e5bc12080e80f81cd31e7a0e64bfb177c518e13dca0cbf710568aae1976d718443a85da75682ea902932f6bbe246a283daac6369167e34c7f02083d2422f4624937b958855ac9d7f1c3daf602f0ac77bbe2188c84acd790ac3ad2b2dc8ac7c4224891195588dbe1d18ea227cf6804926a857daec60a03200c2334f92397f9fa5bc94ea73320199cd7d21f620135d31c8ca66fa059668c2c169c52fcebb71f9327fca20938c59e28bc37439835cbbc373e482b0e433b99dcae69165c5d161bbf184ce1bd04730919f3b24d3bbbf0f79d03da76cc1dd5b57971c4e1dfaf98360408e871f96f7ac2703526bdf569f0dcf05a49b979c20a6340642f82d8a243a723d051e0ee1b7d66b1ac4fc3630b68cadbc4f0d3a43c65ef72a00bc998adaef2b90cb740c2c7cb04898e325694b37306642e635e8ee300fc103deeecf82d8f0dc13d39f8fd2b26187a40aa287eca53bf62d37a94b2aa5149964e691c10aeeeba5597d669ac0501b3aca14c74c14b9e159d9cc9fe7bb4daaef2799a637ebab7666b67b32d0cef4c6b4c70bef2538ad7f97365785406b50680495fda061b6719581bdc60cfdd1eddc645189ca329461478614f964f87ac45759f700a66b075c3f34600854ba81f3f3023c6b3481aefd47515223294dbd2484b2918ca9cb72d75a217b05440c7f151a8a514d141a9b73b5c49ec262eb47675426e5f9d8d8f288736b190cc5e1645b57095e17a5604d6a047914d3158e50aeb3a35b44182444b058e9252309f9c6473e138d8ceb66c35dfa4f315ac8a5dfb78919e0a27710150857544d897b98ff98db76e841e57937f78fffccae61c7c0861473e2001bbdf098091ddce94ab25aaa9e316c82609f25caa0636a715ea364cd108c3f33bea8e3812a669c8129473e3e383a18598f6119324ef94163de9ce64c288da4e88fc16868f3a42ab1ed0d9517eee820d2ad0191c0381040de4ed5489f67e728ffb5f8fb41dd89aa9e0bf95007837572e223226288a665dcb8e3411b2126f3c470bac6ba2d9ded0de60d9d7fbfbd512fb283cadfcf0822ebe10049a3e8d7dcf3177de3d50c6ce74468e3f678a14ae0ea59335b35ae4be7509bbca9141ef822eff07d6a32af26f5fde2efe6d6814053de8017d4e354292927cc90cad7229fd630dba9e66047bd3bdeb9795f9d8cdf8d6b4b81ceaf23d75cf8e92117b9a5cce1b9e16f6f9e716acd04ebbc437e97f22f38de374b747c46c56de9248d79b8a2c831291ceb7a15f6302edf7e8a201415a870659c0ae014e76c4cd26a18774dff3b18062912390a0e61cde1f2b14e47d4cd98476f7b66a35e21dcd4fc17b3aab153ceb293b8f07c65928ea7780f2563d931fbf04bc9b1dc9bb7554a86c747fbf6aa0e18190eced8ef5de10f88b135e1d6eefeb496f3733ac4d345932678eee7c3524fd014393b7551c5e8f8dfd137804d2965be4a12441d9281e1a9615dbbd0fb41e190c53ab874e2acf0a4563e9d0720348e23722b677a007918272fad0a5a34d1df874b8aab3e75a42e6bd90fe0f2adf12344f64559150c5bfe40a5c1c7f1b2c58643247456228ff069beca857311ae2bf95e42bddaa2ea7ea1197a0df1323a4e7350037bfbcd666be976e3ebd5b7cb2f551c8fdf487564288af7855d42aa2df64be775b112376835f6c76b69b153c4e87dfe7f610ac909db0f2fa8b33863bbb7ceb305601470c13a0a268657c251db1dd52f51b88290dfd003ed4bdcdc36f01964ba982e4adc4237397f91c4057f350f049e7933411dd230c0c0ab6ffe5e6e7bd68e75fe5b67deee8432a1bc90dccfe425fcd1a5f9748591a437cd27719e6876", 0x1000}], 0x1, 0x0, 0x0, 0x10}, {&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000180)="c35edabe64d3e5715fc3fbe5a549ea2d5805670d6025c4af6cc8ac648362522b5ab36061862eb5", 0x27}], 0x1, &(0x7f0000001540)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}, @rights={{0x24, 0x1, 0x1, [r2, r2, r2, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf0, 0x40008}, {&(0x7f0000001600)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001680)="76f0eb8ba89e82ec72eeb275e327cdd7b38a8ae6eb5a1f8b4580afab14b01554a61b132381775421d11b94", 0x2b}, {&(0x7f00000016c0)="1b60ef7c4eaf91ee859dc673499c12698b0280af4905c2a1cbdc5bd8564f3b3a7a2cf9d351ec3c02185e5a6a855203f24ab8e4beef17bd46dd56dff05089152ff302de40135f69db7fe4a4aaba64cde135b9b0fde14608258ac4bc6076c7813d05b6e70593d90270e885c6ed992c13adeeccdc3bb74df2e1c09640f1f3e104eae25b5d2dcda15897149cd678dc74abc17470d744e1de87c180605e4cbc1d91ee254c8d04bce12992c619a49510b1a492b86545748943a74748d9c32f79408957dfd70036431de43d1a1fd6ed5239aa87cb015f83dbe204354a18dde175ad", 0xde}, {&(0x7f00000017c0)="c4fe9f834f655af8dfe5898f29f701d2ef0310dc2389800adc25bd1cb2dbb0afd2be016a290f028149403d29f80989148c16b4d9da31469936cbcff444f15de7f52a887b47bce14640e3fecbf51f3be9cfda384add44d84f0ddf8d79facd4674f08614b075fc44ea0fd361c895ab57be8dca3c36b9c0e6ac63890fef0b77e806fa61284244d8fe5ff48166e7cd9658476801026f581902a04b7d2056cd2ed2d76244", 0xa2}, {&(0x7f0000001880)="01", 0x1}, {&(0x7f0000001980)="365eb6389e10c66bacb717d0e5d2ea869d8d22f6c2ff0bbef495420f6a33bedf1f185a011edcb5d471b771e3c54b4a464215cfc2f58184f027dabb9b10079112415e36d22719ba93633369e9eb568c5d6bca7c9f60c7b0be2b668446af8c2dcd2f846742d8b927e0c7ad8e7c48032b114a", 0x71}], 0x5, &(0x7f0000001b80)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r2, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r4, r8}}}], 0x48, 0x4c000}], 0x3, 0x4004090) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000200)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x1}, [{0x2, 0x7}, {}], {0x4, 0x5}, [{0x8, 0x4}, {0x8, 0x1, r1}, {0x8, 0x0, r8}], {0x10, 0x1}, {0x20, 0x2}}, 0x4c, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r10, 0x0, r9, 0x0, 0x20000038, 0x0) write$midi(r9, &(0x7f0000000080)="f3427dde458dbe2f684fbd6010cb782e5a85e9d717e11c4e34d41ef340fd2f79f126fd211a4676ae4cab111918d33cddc513cc567e23ba14fc32e1efb1d099d4a4804d88889e595edab0be8a03ee8db1896c5322b6340d22f814f590a5320ea310fac74ace7db64c0463a85a5d7a27b7f32bbe2116f9826bd2a05e759283d95126c1372201f3b5d1ddd6d4779bec9ec271c8594ce9644fe0a9bbde29de80e9c428474d14977d5dfbc2d79c0d074138c81a0eceb53cb1bd9f67febd925c7fdff1a7ad8444caa7", 0xc6) rt_sigprocmask(0x0, &(0x7f0000000000), &(0x7f00000001c0), 0x8) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2741.443547] minix_free_inode: bit 1 already cleared [ 2741.461390] audit: type=1800 audit(1590777848.313:1177): pid=31104 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15938 res=0 [ 2741.463707] Bluetooth: Unknown HCI packet type 00 [ 2741.486434] Bluetooth: Unknown HCI packet type 5e [ 2741.501468] Bluetooth: Unknown HCI packet type 43 [ 2741.508457] Bluetooth: Unknown HCI packet type 5e [ 2741.514907] audit: type=1804 audit(1590777848.343:1178): pid=31104 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/742/file0" dev="sda1" ino=15938 res=1 [ 2741.538930] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:44:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x3) 18:44:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) inotify_init() r3 = inotify_init() r4 = dup3(0xffffffffffffffff, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2741.572832] Bluetooth: Unknown HCI packet type 50 [ 2741.607189] Bluetooth: Unknown HCI packet type 5e [ 2741.621696] Bluetooth: Unknown HCI packet type 40 18:44:08 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x440, 0x0) write$input_event(r0, &(0x7f0000000080)={{}, 0x5, 0x9, 0x5c9}, 0x18) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x2000, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$TCXONC(r2, 0x540a, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x0) ioctl$KDADDIO(r1, 0x400455c8, 0xfffffffffffffffd) [ 2741.659889] Bluetooth: Unknown HCI packet type 5e [ 2741.665669] Bluetooth: Unknown HCI packet type 43 [ 2741.677762] Bluetooth: Unknown HCI packet type 5e [ 2741.684753] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2741.695219] audit: type=1800 audit(1590777848.473:1179): pid=31125 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15844 res=0 [ 2741.724914] Bluetooth: Unknown HCI packet type 50 [ 2741.758999] Bluetooth: Unknown HCI packet type 5e [ 2741.787243] Bluetooth: hci7: Frame reassembly failed (-84) [ 2741.793215] Bluetooth: Unknown HCI packet type 40 18:44:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) inotify_init() r3 = inotify_init() r4 = dup3(0xffffffffffffffff, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2741.830705] audit: type=1804 audit(1590777848.473:1180): pid=31125 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/574/file0" dev="sda1" ino=15844 res=1 18:44:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) inotify_init() r3 = inotify_init() r4 = dup3(0xffffffffffffffff, r3, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() inotify_init() r4 = dup3(r3, 0xffffffffffffffff, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2742.264547] minix_free_inode: bit 1 already cleared [ 2743.522646] Bluetooth: hci3 command 0x1003 tx timeout [ 2743.527977] Bluetooth: hci3 sending frame failed (-49) [ 2743.682612] Bluetooth: hci4 command 0x1003 tx timeout [ 2743.688002] Bluetooth: hci4 sending frame failed (-49) [ 2743.842652] Bluetooth: hci6 command 0x1003 tx timeout [ 2743.842690] Bluetooth: hci7 command 0x1003 tx timeout [ 2743.848097] Bluetooth: hci5 command 0x1003 tx timeout [ 2743.858882] Bluetooth: hci7 sending frame failed (-49) [ 2743.864697] Bluetooth: hci5 sending frame failed (-49) [ 2745.602586] Bluetooth: hci3 command 0x1001 tx timeout [ 2745.607921] Bluetooth: hci3 sending frame failed (-49) [ 2745.762607] Bluetooth: hci4 command 0x1001 tx timeout [ 2745.768120] Bluetooth: hci4 sending frame failed (-49) [ 2745.922651] Bluetooth: hci5 command 0x1001 tx timeout [ 2745.928006] Bluetooth: hci7 command 0x1001 tx timeout [ 2745.928037] Bluetooth: hci5 sending frame failed (-49) [ 2745.933573] Bluetooth: hci7 sending frame failed (-49) [ 2745.944385] Bluetooth: hci6 command 0x1001 tx timeout [ 2747.682314] Bluetooth: hci3 command 0x1009 tx timeout [ 2747.842410] Bluetooth: hci4 command 0x1009 tx timeout [ 2748.002335] Bluetooth: hci6 command 0x1009 tx timeout [ 2748.002374] Bluetooth: hci7 command 0x1009 tx timeout [ 2748.007855] Bluetooth: hci5 command 0x1009 tx timeout 18:44:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() inotify_init() r4 = dup3(r3, 0xffffffffffffffff, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:18 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x34b243, 0x3d) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) r2 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) sendto$ax25(r2, &(0x7f0000000000)="2e11418b71da581d83feaebc5852e931dbf88760900c89357e6e53082ab132299b6b2c2d", 0x24, 0x80, &(0x7f0000000200)={{0x3, @bcast, 0x6}, [@default, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:44:18 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x4000000) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) dup3(r1, r3, 0x0) ioctl$TIOCNOTTY(r1, 0x5422) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2751.699056] audit: type=1800 audit(1590777858.554:1181): pid=31200 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15846 res=0 [ 2751.752756] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2751.754039] audit: type=1804 audit(1590777858.574:1182): pid=31200 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/743/file0" dev="sda1" ino=15846 res=1 18:44:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() inotify_init() r4 = dup3(r3, 0xffffffffffffffff, 0x0) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2752.082768] minix_free_inode: bit 1 already cleared 18:44:19 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000100)={0x1, 0x0, [{0x40000000, 0xfa48, 0x6, 0x0, 0x80000000, 0x4, 0xff}]}) ioctl$KDADDIO(r3, 0x400455c8, 0x1) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:44:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:19 executing program 3: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) r2 = socket$vsock_dgram(0x28, 0x2, 0x0) ioctl$FITRIM(r2, 0xc0185879, &(0x7f00000000c0)={0x1, 0x1, 0x7f}) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) bind$phonet(r0, &(0x7f0000000000)={0x23, 0x8, 0x43, 0x1f}, 0x10) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000140), &(0x7f00000001c0)=0x4) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_UNALIGN(0x6, 0x0) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x20000038, 0x0) ioctl$VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000100)={0x1}) ioctl$SIOCAX25NOUID(r0, 0x89e3, &(0x7f0000000240)) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x4) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) 18:44:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000100)=0x3, 0x4) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000480), 0xa198) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$SIOCX25GDTEFACILITIES(r3, 0x89ea, &(0x7f0000000000)) 18:44:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x3) [ 2752.333080] minix_free_inode: bit 1 already cleared 18:44:19 executing program 1: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r1, 0x0, r0, 0x0, 0x20000038, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f0000000000)={0x1, 0x7}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x20000038, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB(r4, 0xc01c64ae, &(0x7f0000000080)={0x4, 0x8001, 0x5, 0x7, 0x200, 0x80000001, 0x7}) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x6) ioctl$KDADDIO(r2, 0x400455c8, 0x0) ioctl$KDADDIO(r2, 0x400455c8, 0x0) [ 2752.370417] Bluetooth: Unknown HCI packet type 5e [ 2752.376840] Bluetooth: Unknown HCI packet type 43 [ 2752.383117] Bluetooth: Unknown HCI packet type 00 [ 2752.408799] Bluetooth: Unknown HCI packet type 5e 18:44:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2752.425019] audit: type=1800 audit(1590777859.284:1183): pid=31265 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16071 res=0 [ 2752.426903] Bluetooth: Unknown HCI packet type 50 [ 2752.505954] audit: type=1800 audit(1590777859.334:1184): pid=31268 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15828 res=0 [ 2752.526473] Bluetooth: Unknown HCI packet type 5e [ 2752.535421] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2752.555289] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2752.576124] Bluetooth: Unknown HCI packet type 40 [ 2752.623530] audit: type=1804 audit(1590777859.334:1185): pid=31268 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/575/file0" dev="sda1" ino=15828 res=1 18:44:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2752.694422] audit: type=1804 audit(1590777859.384:1186): pid=31276 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/744/file0" dev="sda1" ino=16071 res=1 18:44:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) getpid() syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) accept4(r0, 0x0, &(0x7f0000000100), 0x0) write$FUSE_NOTIFY_INVAL_INODE(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x2, 0x0, {0x1, 0x7fff, 0x3ff}}, 0x28) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000480), 0xa198) 18:44:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2753.072594] minix_free_inode: bit 1 already cleared 18:44:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2753.164292] audit: type=1800 audit(1590777860.024:1187): pid=31321 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16079 res=0 [ 2753.201149] audit: type=1804 audit(1590777860.044:1188): pid=31321 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/745/file0" dev="sda1" ino=16079 res=1 [ 2753.228018] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2753.343593] minix_free_inode: bit 1 already cleared [ 2754.401848] Bluetooth: hci3 command 0x1003 tx timeout [ 2754.408152] Bluetooth: hci3 sending frame failed (-49) [ 2754.561937] Bluetooth: hci4 command 0x1003 tx timeout [ 2754.567216] Bluetooth: hci5 command 0x1003 tx timeout [ 2754.567277] Bluetooth: hci4 sending frame failed (-49) [ 2754.574368] Bluetooth: hci5 sending frame failed (-49) [ 2754.641810] Bluetooth: hci6 command 0x1003 tx timeout [ 2754.647251] Bluetooth: hci6 sending frame failed (-49) [ 2755.281746] Bluetooth: hci7 command 0x1003 tx timeout [ 2755.287940] Bluetooth: hci7 sending frame failed (-49) [ 2756.481739] Bluetooth: hci3 command 0x1001 tx timeout [ 2756.487077] Bluetooth: hci3 sending frame failed (-49) [ 2756.641778] Bluetooth: hci4 command 0x1001 tx timeout [ 2756.647125] Bluetooth: hci4 sending frame failed (-49) [ 2756.653020] Bluetooth: hci5 command 0x1001 tx timeout [ 2756.658313] Bluetooth: hci5 sending frame failed (-49) [ 2756.721673] Bluetooth: hci6 command 0x1001 tx timeout [ 2756.727236] Bluetooth: hci6 sending frame failed (-49) [ 2757.372264] Bluetooth: hci7 command 0x1001 tx timeout [ 2757.377629] Bluetooth: hci7 sending frame failed (-49) [ 2758.561635] Bluetooth: hci3 command 0x1009 tx timeout [ 2758.731666] Bluetooth: hci5 command 0x1009 tx timeout [ 2758.736951] Bluetooth: hci4 command 0x1009 tx timeout [ 2758.801469] Bluetooth: hci6 command 0x1009 tx timeout [ 2759.441530] Bluetooth: hci7 command 0x1009 tx timeout 18:44:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:30 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x0, 0x4c000) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f0000000200)={{0x80, 0x7f}, 'port1\x00', 0x21, 0x0, 0x200, 0x5, 0x6, 0x3ff, 0x8000, 0x0, 0x1, 0x7}) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:44:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000100)={0x1, 0x0, [{0x40000000, 0xfa48, 0x6, 0x0, 0x80000000, 0x4, 0xff}]}) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:44:30 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) r3 = accept$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000fff000/0x1000)=nil, 0x1000}, &(0x7f0000000100)=0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:44:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, 0x0) [ 2763.212422] minix_free_inode: bit 1 already cleared [ 2763.287156] Bluetooth: Unknown HCI packet type 5e [ 2763.293549] Bluetooth: Unknown HCI packet type 43 [ 2763.297064] Bluetooth: Unknown HCI packet type 00 [ 2763.299662] Bluetooth: Unknown HCI packet type 5e [ 2763.318568] Bluetooth: Unknown HCI packet type 43 [ 2763.324835] Bluetooth: Unknown HCI packet type 5e [ 2763.326730] Bluetooth: Unknown HCI packet type 5e [ 2763.329841] audit: type=1800 audit(1590777870.185:1189): pid=31375 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15828 res=0 [ 2763.349441] Bluetooth: Unknown HCI packet type 50 [ 2763.366697] Bluetooth: Unknown HCI packet type 50 [ 2763.377080] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2763.387135] Bluetooth: Unknown HCI packet type 5e [ 2763.393614] Bluetooth: Unknown HCI packet type 40 [ 2763.399348] audit: type=1804 audit(1590777870.195:1190): pid=31375 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/576/file0" dev="sda1" ino=15828 res=1 [ 2763.418925] Bluetooth: Unknown HCI packet type 5e [ 2763.447894] Bluetooth: Unknown HCI packet type 40 [ 2763.542099] minix_free_inode: bit 1 already cleared 18:44:30 executing program 1: openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f00003cef9f), 0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000040)={0x80005}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000000)="ea0010e800440f20c066350e000000440f22c00f21720f21c1c3f40f3803760f650f01c26a06ea00005600", 0x2b}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r4, 0x0, 0xffffffffffffffff, 0x0, 0x20000038, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000000140)={0x9d0000, 0x7, 0xfbe, r1, 0x0, &(0x7f0000000100)={0x990a90, 0x6, [], @value64=0x7}}) ioctl$PPPIOCGMRU(r5, 0x80047453, &(0x7f00000001c0)) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x0) ioctl$KDADDIO(r3, 0x400455c8, 0x0) 18:44:30 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x40000, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000100)='./file0/../file0\x00', 0xfd, 0x2, &(0x7f0000000200)=[{&(0x7f0000000980)="adfa06cf84641a75b50c1a63673c9ef2dab3b2a09e79b9fb01560c924e0d3d358e9c77bd54110bf0a26f26b35168a700b8475e46c8c97ba7e9f8edd0e3c1bc23b390838a09a0afa2a88c78a99adb0d6df037c79cf94fdcaaee0a8cac7f89759283e062ffd5a5fbbe047d5fa6775d6dbf26d243a2cb96516661e79db3e28382e113c245b3bebb293b98b1a81a328ee3756b4e5413cf47af70439aaea19d7a78222de4cce0d188bc70601668064ba6430f2f5d80b571d6b83c66dd36d0015e947ca7ff03468593974ffc9e9973d8e2709330220f159e947c18eef368d86ac8b6fb0ea32ff47d4053e499dcb117bed5cc3249020d4913bce06ffe2fa1faf3269b73c58a3912162577d51c4971524a0ca0f592382e46ae66799edd33d6a337864baf6ac0cf4045b0e75aa571372e7a0bf96d97d5fdb078e1856ec8150001650766d64cedc78b0e0497ef7c8d6c6b4a4d6d04f62edc3c183206520238483268537313d5b9618bac640a8b15ff56e180515cacded0caffe37d177da587d65552499dd40006ade024995698278c7d79af360abaa2f5b787d9ca5cb46cd2c1fa1066c0d69ea4590e12a3366758e9a8abc309a3420d6537d5492ff75a49f168ab20b4a7cff2e8ddcc3b4c8a19f2218ea5cdfd4aae2c70e8f763de9e9e7f94554561a11f6c9772eb7c8f39197c215d93a018865f25fd6533ea18c83d681bacc89d123b0b4836a1cb84fa88655a15c4358eea7805cebabd5df2e642180b63394b50e0f4f179aac41c2cd2d00e2091ed8fd9fe64071410d915a6549343c0181d934cb947fa6d83e8c0c384f56d027a3f22a026c323ffd912edc97a0eb92252cfef89f3b5411bfefdfe60a032a7bc5f1d9bb06f07464dc7875aff04665f0be12192a4eebd86eb49558e1e11ee6eb9eccb3b27bdf94a561c5f4c76a99f404091145d603a6b5abd4a2580c027896c0540e47c5cd61dd4b00e6641535eee4d2471e5962834389c27236f640c7b44edfcd7a898df088e73cea2358ba8638cb3eb0190d4702950df5e717224a7b38d1a374f27af87d344168abbeb86bbc43fa95c16cffe301b90a88d0aca460573d5399e7f83b21443564b3ba5b7563c5bb2c5cb374c9436ec7ff4adcebd04e3867d9115a9fdac24335188229bbad9bac04fe8fd13f9c6f9a2b46016b83fce92e7a778dc9dc9355222857a446f9131d37f65656c311b3915c6c236e889122403eff1e4d66bc321399593aad4532c44acc71ad185ef35c1d236bbb6b00e96c79fafecc0057d194f0cafe82b1dc046050700975d36cfeccca02e23d09643e3ea5a7a418ebdcefd80a7aea86f51ec266298f32edc6f3d8917e4b04a30a96a6ff2eeb768796324c7c6177991e47af8ed6f478a92c29284aefdea29a56273d44f16af42ba25db777f0983a6340a825328f9fd710f4186091122bfee941bb52f15fa985efaa60246bf7bc23abed3b5f2419f8f346a2f8290e72ed3c8eb253d2482849289e5cbb8ecc5f26134372e211eb7b468c2251b10a9ff420ec552bd1f94873769f4dacb095aa79ade8002da5e7bec2ae75b241093896666478e2ecdb0e53a152c5be5bf7a3066aa248ecb91f1a6e7050a4508fd480fb714022e870c55987058177dd63a62737f0fbf373ecfc789243d1c32f2acd92210660954aa55af0580098afd6d99d775f18cf3645222a9a830ad65693463e08cbd87745defc36d4eeb8703cb9aea3b8dd83a86ebf697f730c46ef65416745b84b76cb4d5ff7c2ecf860b8035f84cae5ebfd5bbe473fc7fd220c5c04e82fab6f0d4df44ee01f154a8d4e92187de14826b866ef8dcc2442a1b70685887ac1f17e8dde7b0fad6e6f625564e1bd42266072b29c737613bb9c873af2ae71e3cd0cd49c0361bb114959f94425e67f6dc5c6b3759861653dcdd790b1b42fba89e36e2d959d8b56f288fe429c2f29ebc94c38f173c7aaa9dd96973673c7670df21b0f7c6c49d97a482795faeabca8b88d61da745bbdc4753b6a9a80f722a196665d34e5c3a79b1739855880758b724c4abcf49a25763888ecfeec440375489ef62d9cbf3af0753b69b3aacbbcc349d574d0acfa4aef71c0707c3169a92984e1d9d20da714eab7141a2a6a68ef8631ee3151cf174d3c31b9d001d3c74d48e0b17932f1b9b2a6004dfb50a4063bd7b3f01dd40c8b3707c8eec5e52dd7b0a6cdc4f634e510c826b1e420d6baf990e5e1fc0010f44dfaff56141df50dee3949ed8ad96b5ebb52914f1dcc4af8d188a5f6ca14418484c5344dd4fbc96e9c78d40cf773863667c591875aa6e910c8e05b3a1f64ea17da1541b137442de8126c8512708eb175477460f4296c3178ef5ebceff56abd99dbdb826d2ced2a4971663138db0a4e7c7a687c9a19a11d63e2f47db1ef3326f2df5f619f9b34df7d074313f1249d43e59af099ff1b75c7fd3ff5664b06eaedc0a329dd3961f478ce093c0d779a554961987b8b125a4145d5c86f2aa152558ff935a800de3b011692fcacb1596108fee3e02dadc18c6f2b023bd7e5f8b79b06aa40d281ec456025eb2711022e47465becd863ae4d97dafcba1c9020e38763a9edb2a46085614da049c730805b236355c94fb4b64ca60bd0e2064ef14d3d1fa4513aa8ae4f865d94382aedd4baeef9cfa081d2c9732de41103ebdb0afc7ae8bbaceeceb52f537ef99ad7df65d3a4e1665895b890516ea5a3803d874e426496ff2427d3f7d717e4f8c8b3d20d3ec3c2678225ef3d4d8e6647138da75cb0a690d101f202d9e1c7d778ae159724283bd2a144887cdac88224332209367cffba70d6456952ab43dca21cfe70f76c743d11fa5a3cfcf34781898a73a8b5e4c6050c2fcdbd4630004dc4ebc6dceb10c107af8a65ccdd332807b0599708881f0d942e0d9919665636be7b5b7f15b11084eed537b5e54157bd45f91ae1a7fa5ae7a327e35627c7d57ece141c6663461512cd697140f29d6b84af9ba819395d726e8c85226d067bf6701cb7efa82f5f3fb2c670015e03e0a8fc3ae6f19a63f291d4c8b3065ae789aba8390301f8c492a8cff2afcddc75057099503a39e32bbdb151e3c5e5a453850ea46f63a381b97764d91bdff5aa76b91315a352edda4169d8d7531556fc476a2d024947c4d38c61b454242cd738d7939a2488b0f8418e60d1439d25ea7b59da2e121ca00c558e9e48ed8e7bf61db9ca56d4a01e2afc5d3de761deeabbd625cf6a1034abd30be9e9febfd04388aa2629e049a15b28decb4aad0ff43ea259c53e6cce6ce73d60ea2c7943aad8139899a36561ac86789b647bfc277fdca5eaefc28ab9a1cec7142db571f53cfc897bc1b2da3fc003e9d4c58de767684d52a6e9036b9685b62ea4b5faa6e3777b69128ab44d72df37ba1b801547e74dcd1a423095ccfe6c60c228ab7620e91b24afdebe95d7337325cd1e88e5763033ac9d7080e59ae1e6f0840123bc08e4c5398f256909c1a4b04045b9d0bac4a1e8c02120432508a963379b08c82614b7c112b5d8cf00dd5ae65a5bb0be976e2f3cefc9b5f78cb2fd93824bd010e4448624f38e7033fa2b9cb7c03049dcdcd0bd847da01df1b1916eb9a8d6eede5a6cbb24466ce1b5630ce8767bbf50b3369a9550a1457aacf00ba8212a094e65ff62e8d295732ad6aff6fef290194697571c33c4712d7ceb34f73213b984e992c0e029396a36d2d7d31a0c433c327fda027b76f16cba36c1f1c32804bbdab6cfe64eff16e2b32f842c2b7356df5d272cd4f83b0185047288d0eafbee2aa6cfcca09a26cc85830f83984312f777427a13065dc4010e7ad796941495578f8c20549e083399a4ed901dec6a4a7d8f09bd5ea62a8569e7a695915f79de5c9ff87509106d8b11ea2e3500fc21438064d20efb59faed7ac76d9d626aa9065df8432053576750defabc4ebb78260327dd75779dc246384c0a97d205329e9af06b51f9c141a5fc8d7a1826d704c734c197831848a721bfc08b32b44bd26546304b5f3bc2678abeb227da1d0e47149469296b87bf3732f00ebd10dd04f4b2139f0ee5a7d4e034aaafba9ee7374209a7403ea5d2277a22cf03f5306ca231f34ea816382c59c8c25bca8a06d060a24b74733d8aa5f16ce6432db94c785df0fa886a94404743a6189313151d9e25ee32977266c61b3bb8c80a03726072c20e41f4d1be9b603f84fb9ab09a7a4c9a60d3d4a9416451be3bf57080fc5bd6a37982e0009c33cfa80589a200c30a2149eed2491606bb888a40f7bb583c3c5ecaddea9da4528d7d751c3316022aa62c2339ae2c3c2b16dc15c987aafd7c7b4d24565a0d03abde9923a6b70b71cb2000dbd6d74eeb361532a495e39ebcbe9a6b5bdfae3a7c6ca04b3e5d5ee2d27653f1b5192d5ba09c0c0dd32096b79e8bddc1a9c134b816b5098c6c03cd57f38d3d44c7308169d3cf48c274b59db9185fd88098d8b0c340271d742c8425570560d6f5cfaf1a79ba5776fb52f45e12fd0ff4b3c07c5a7c9e7c7bf0956445c8e890d4131854efed2873dad79e6fd9dd14409208d32d105641074058ec2be201743a554845dc0a9521142e6572bb0bfcf76ac14c3e5d88e88083f824380d3b0c53341be002ceece9cf5dc35094a0409b271545830234dac073ccd688291477c430eb4bbff70de0d214f6dca083d2e044248cf23cb037def5bbc85b6b6a1e0d115feb1c89398e90d78c1d693d3f4e3c10f31860c16045b533eee3bb1e4302110578dae3ab578d233eaf4e6b9ba5393ad9ba3003b65c6e2f8b43e3bc5f653a8175b25aca9949cfd46c858c2c974eb23c09629b5f327765db81c525b91a042aa22b333076af85600d726ad34f562b4e43e5d2382512c824f55ab519933952dda3104ac72d02fae510c3a60a042b37c8644475f97dd917da687eec1e1bafc7d30a8987a327c94adcc46084f6d967c31efae5f6b496f77a491ab2bb6930882e3506c6770e3b31fe89c20c161b39f9812e4058b5afbc69d0fd57577e1f9506f6bd4353a034b36b7144cc5d2749d81240f12e8b36a15e0dce4902c290a0670c357f6d90deaec98cad941c8847101a09a76f8e9e0dabc1b002bc7e9163bfdd0132c8e03ce3fd49baa0329ecb4aaa6c356f4abd7931a539be89421ac7812ccbe0b7e85f4cf4505c36f00a9a5ba65acfc228ecd57ee23d97eeff93ccd8186425403e05bdadc4929c3b195ea4b6c7da685daff7b96ed9ddabd28f33aa79ef0b1e8db37a31165c3629da2bf57095f6b1176669f995419c1898c6d43f9d3778af86702ef52057d1b34e3519a9343c4e34d09055659c22d95023c0a1fba01497a27af5fbe875f056ddaa569694b2d50a3254937c8c57f3c67bb20bbe58f66088920bdf6dc6e728e999c2c4beb0da8fcb48f73366d09a5794424d8698919b1d547792c44e230292b58bf9a3e9d8de23e6bf05d9b7316c64fbafeb07ea367cad1c4f445216d26be1c2298bc48effa64dff371071a17354175239804bef8b03129811229559e70efe647d6520cc6a242fbe5ddd4fb3982c73d9f69d1c7edef05613f1c629e0360e2569fec6c17d907b58e571a1649e6a26a0c63563fc80ce9293aa72f8ab6fc0fd3249cd79035fa26249c84aa6b3c6fe53eb566fec86484b80c489a3107c90eb6f57ac66b1d296a89c22c39546d5226afe82f320f5c59ae53af962075ed4cb0780cf63500fb920af7e0ae7d70896344fce58387be0728b9bff77ee9d6bb7712fac92baf38eace0cf1cac7a8ccd33a7d21b6d225772eaaf173fc69de6f8bf06715a21facc0b88635d0220142def55d", 0x1000, 0x9}, {&(0x7f0000000180)="3ed048b999d2737341ebdf7e36336d1d981bc4292b84638c570573b21918e835cc1e647245d943e173ee4d7044c05a4f190bbe82a5c6", 0x36, 0x1}], 0x1, &(0x7f0000000240)={[{@nodots='nodots'}, {@fat=@dos1xfloppy='dos1xfloppy'}, {@dots='dots'}, {@nodots='nodots'}, {@fat=@errors_remount='errors=remount-ro'}, {@dots='dots'}, {@fat=@nfs_nostale_ro='nfs=nostale_ro'}, {@fat=@debug='debug'}, {@fat=@discard='discard'}, {@nodots='nodots'}], [{@subj_user={'subj_user', 0x3d, 'minix\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, 'minix\x00'}}, {@permit_directio='permit_directio'}, {@dont_hash='dont_hash'}]}) 18:44:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2763.816428] audit: type=1800 audit(1590777870.675:1191): pid=31397 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15940 res=0 [ 2763.825815] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2763.875080] audit: type=1800 audit(1590777870.675:1192): pid=31396 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15985 res=0 [ 2763.896231] audit: type=1804 audit(1590777870.675:1193): pid=31396 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/577/file0" dev="sda1" ino=15985 res=1 18:44:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:44:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2764.095037] minix_free_inode: bit 1 already cleared [ 2764.125028] audit: type=1804 audit(1590777870.695:1194): pid=31397 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/747/file0" dev="sda1" ino=15940 res=1 [ 2764.184929] audit: type=1804 audit(1590777870.805:1195): pid=31415 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/747/file0" dev="sda1" ino=15940 res=1 18:44:31 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000000), &(0x7f0000000100)=0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) [ 2764.268203] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:44:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2764.321244] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2764.324650] audit: type=1804 audit(1590777871.075:1196): pid=31415 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/747/file0" dev="sda1" ino=15940 res=1 18:44:31 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2764.480663] audit: type=1800 audit(1590777871.085:1197): pid=31437 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15943 res=0 [ 2764.503613] minix_free_inode: bit 1 already cleared [ 2764.536106] audit: type=1804 audit(1590777871.095:1198): pid=31437 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/578/file0" dev="sda1" ino=15943 res=1 [ 2764.609392] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2764.692218] minix_free_inode: bit 1 already cleared [ 2764.772706] minix_free_inode: bit 1 already cleared [ 2765.360982] Bluetooth: hci4 command 0x1003 tx timeout [ 2765.366325] Bluetooth: hci4 sending frame failed (-49) [ 2765.372487] Bluetooth: hci3 command 0x1003 tx timeout [ 2765.377770] Bluetooth: hci3 sending frame failed (-49) [ 2766.240894] Bluetooth: hci5 command 0x1003 tx timeout [ 2766.246355] Bluetooth: hci5 sending frame failed (-49) [ 2767.440847] Bluetooth: hci3 command 0x1001 tx timeout [ 2767.446175] Bluetooth: hci3 sending frame failed (-49) [ 2767.451758] Bluetooth: hci4 command 0x1001 tx timeout [ 2767.457046] Bluetooth: hci4 sending frame failed (-49) [ 2768.320859] Bluetooth: hci5 command 0x1001 tx timeout [ 2768.326185] Bluetooth: hci5 sending frame failed (-49) [ 2769.520860] Bluetooth: hci3 command 0x1009 tx timeout [ 2769.520864] Bluetooth: hci4 command 0x1009 tx timeout [ 2770.400765] Bluetooth: hci5 command 0x1009 tx timeout 18:44:40 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000002, 0xaaaaaaaaaaaa9ec, &(0x7f00000001c0)=[{&(0x7f00000004c0)="600084e002000a00900cda40ffe1341797139d308ed533fc4c4332b7f643f260fae8b1e57c0797be205044e09b3ca661018641703414b316c34a6a0f764a16247de3c53c6fa9b4cd7b72c18850d7422643782ba43dcf3ffa50092ad22aaf3a610eb4d3e713b110e2b5b12186b936a1753b0c77ad559237688d389f2e58368700a8222a7e18cf1dd3deaf44d55c66f13e3ce7953d66e2ebabe4602ee7d62824f7a2698acd0375f2ce1bbbd2bccceb00b27e78cf581d1b24faaca35cc32f8be9f19b81cbc8f267b99455733aacc3d2701109c84ca481589678820a92a093f9", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797abf402d02fa3968441c77717a24ca41efb160c", 0x309, 0x34f9}], 0x20, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x8000000, 0xf63, 0x3e}) sendfile(r3, r3, &(0x7f0000000480), 0xa198) sendmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0x400004e, 0x0) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f00000003c0)=0xc9, 0x4) fsetxattr$trusted_overlay_opaque(r2, &(0x7f0000000100)='trusted.overlay.opaque\x00', &(0x7f0000000180)='y\x00', 0x2, 0x3) r4 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ocfs2_control\x00', 0x2000, 0x0) r5 = creat(&(0x7f0000000400)='./file0\x00', 0x58) close(r5) r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000040)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000180)={r7}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)=ANY=[@ANYRES32=r7, @ANYBLOB="7d000000d79f1579baa64e167bc1512e62917e2c8f04770b15229f773e262535675a27d8223042e1d7b3ff10ab6091c001852f7085232649cb813f5e61e5dfd76e51d4c21f07b8bc20dd51caf99fc38eb6ffc6a69efbc41465db3bf0f9f1e8a05b816d04e1243339f1cbcd65aff30b4cf199c9fe2bccb681d5420625d21a298f88"], &(0x7f0000000300)=0x85) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000340)={r8, 0x7, 0x3, [0x5, 0x81, 0x5844]}, &(0x7f0000000380)=0xe) 18:44:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2773.481514] kauditd_printk_skb: 5 callbacks suppressed [ 2773.481523] audit: type=1800 audit(1590777880.345:1204): pid=31494 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15818 res=0 [ 2773.535744] audit: type=1804 audit(1590777880.345:1205): pid=31494 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/749/file0" dev="sda1" ino=15818 res=1 [ 2773.608432] audit: type=1804 audit(1590777880.465:1206): pid=31504 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/749/file0" dev="sda1" ino=15818 res=1 [ 2773.691440] audit: type=1804 audit(1590777880.555:1207): pid=31507 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/749/file0" dev="sda1" ino=15818 res=1 [ 2774.374221] audit: type=1804 audit(1590777881.235:1208): pid=31504 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/749/file0" dev="sda1" ino=15818 res=1 [ 2774.412119] audit: type=1804 audit(1590777881.265:1209): pid=31504 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/749/file0" dev="sda1" ino=15818 res=1 18:44:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r2, 0x0, r1, 0x0, 0x20000038, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xbe0, 0x60001) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f00000001c0)=""/209) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:44:41 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:44:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, 0x0) 18:44:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) ioctl$TIOCEXCL(0xffffffffffffffff, 0x540c) splice(r2, 0x0, r1, 0x0, 0x20000038, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r1, 0x80045400, &(0x7f0000000000)) r3 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f00000012c0)=""/120, &(0x7f0000000200)=0x78) r4 = socket(0x100000000011, 0x0, 0x0) r5 = geteuid() setsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@loopback, @in6=@local, 0x4e22, 0x8000, 0x4e22, 0x0, 0x2, 0x60, 0xa0, 0x3c, 0x0, r5}, {0x5, 0x100000001, 0xffff, 0x5, 0x8, 0x6, 0x0, 0x2}, {0x1, 0x0, 0x1, 0x3}, 0x0, 0x6e6bb8, 0x1, 0x1, 0x2, 0x2}, {{@in6=@dev, 0x0, 0x32}, 0x2, @in6=@private0, 0x3505, 0x3, 0x3, 0x9b, 0xb650, 0x40, 0x400}}, 0xe8) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',loose,dfltgid=', @ANYRESHEX=r10, @ANYBLOB="fccc852704babf1e01000080000000007a71630a14a69b355006b5f7cd2621703d7307cffc068fd3d84704ea0ef0f3cec3e7075ad85aa974ef0841133e6b1d00640bf76ff844413cbe3525a1c065d29fc754cf56eac4c7b5fb0f26c8f5e67ea3c69556a063f97132b0c22254cac7f8047c519491697fa440cc7c02107124270d9cd5345ea87958163610cb69ead0b68b26c9af6b26c9ff73ddcafd93ca0a98773a6c9f2752ca1a00c843f25e73d9"]) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001bc0)=[{&(0x7f0000000040)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000000c0)=[{&(0x7f00000002c0)="6f5768e45f84a4040741ba96ff09ff8ad3def08acebc3f3525b9417337f0751d9729ca9dc1cd6786136cfc72f89f25790987008cb0ed6d2c9f0c20c28b67c78a979da0a86695d44f703a6b7159feefd4ee0fdd77201290e6c10ce435757052be03b82665f1e08e68e5465d15ad5f242a473a4d23c9adfcc4f6277607ae9b6881470db4d394b3e5f2fdab45732f83d0ac11ceb407a9fe5c4d6d3f286b00d9a0bbb7add7bd6ed768b65f9e3951ccf85ed9d70f589d69857d11bb54e96d86f5ff39a91ccf74b58332f04847e6d95cb96b2ee9d5dad9a85e0a3f9f23fd4115d512e829da9055af63baf33ccba1023cfd6a91d8a03b83b49bbccab5d5a024bb9572076d3a041cf8f5cb0dd2a22cc79106ec5237d3a6a23395bc0581d3fac7552b0c6cce5c3e89cf1cb95672c96ee994fdaad309f54b60f5e3073ac7e85f9bf524f5b9cd935d8b49aaf19814db9e2b8e2b134de72f1ec969c6fd32e96628c8457f3b2028ce486a4a13147e0a1d1e4a3f2745c55103a12aa593bef497b4f8b28d0dd05a73f05949fa9fb6cd2f704d4ddd76fbdfbd216cf3a82d3eb13d73b1d3168692228188ffe21e6286e6fa178bfc5f4717918f253e5f1f5d4b4d884f66f8341170a19cc92dd8fe938d2649c203f6fb02839d89002441405e044f3439fec8435935b213e6ecf50c14e3a9d5d5b229d29ab142dcc94e64b316e69fb944bda214a50d5b61fcc5eb71fdbefdd5ef72d71afb1ebab59fc61b37f293986b9240d8beef5746d90f75f7fb4a871473d6d57cec25a576d4512ca8594d0387341b82e41e64a8c967268aa7fb17beb03dec634679133cf36cf11e4706b1cee950c6c2614f4a4883a550137d4d0dca0574a3fc28d245090eff18591627894839384c90563ab544ddee1ba062f80c19d2619427f151b387dae1747d0a3667cc55da4f33d8b5a401927c5dcad2887c7caeeba9e50ad1065a80315eff1ff5af4848f3de4d016cb1051a4ab68a303fadc63093e5651458583cb8dce9edf686fb57844ec0c9b2926383cbab3dd3b8f5255002fb79ac2e4b14064781c7ee95f3686250e8fd41b302725669f0b487bd3b1ccc463ef2968a9a737ee46aba9a2f70ef0f7a51bf5cf8cd1934c8d785137b9f69e3dbdf516c9c92291d401cb3e91e56058927387017eb52fe0ecf5064a6dc0c13413f52d51ebee288f68169a3aa3f42b7e17486dd111edcec1aaa2e710d163dd2bea08b7c8d53673b9d7f574bf247130a134bd96e6a5153deb1d86a3da12833e0e0bb03a7352553e5884dd33a7b96460046e1bac0301c16466d546d3fffc6b42700e130787ac104c9f1e9c19b26349985af651414712a890d26824f7ac949330a2e526511288c28b277571eece02fc4fea25ee58c97f32228b3afa93632e7953cc887f59b0da6298d4240ec17317be633d68e76ac4dc3b4dd3687cf80aa0df77a4f5c6874f9a1fa1a04e58e2f13a61b87695596a4ebca9b0b151aae979398c2fe15593c55b558fb50b7bdc8fbc753d9a4b91714dd1aaff6c7db312708a9f53239af5efceb9aea850341ea999fc859f3f3b3fa8410783363efe4577e2f8e1b3d01b4b763f8b52b1afaa7d049f48d4408d06a2932cb554b42be82778ecc43ed919b1e8622aeeb5676f954862997e6fb76376814d7858b5389fcaeef735ee177ad04b184cd1e07a930523ad9458c870578821151a7f2dac90c4c4c9739d5187442638b2309113c4370931b269ba891f0d37c43669ff66762416c906672be4fd93cddd104f20c7de8a6a90294232740694f6291a3d62874c34a2a1fbf9db7eab9f863e2c2375bb71fc90f5e67e5cfa09fbd40c2423bb575665300344f9b19605354e1b8fc3bfcb84323d7c4f1049b8e1a931a836419050848bb7e1b62fb9bb3bc792aa7b491c00c66c4fc0f5cf8169e9d5d958a975b3e9e9c5ddc6c329e205d0375c039f2ec1a9a13a6e2d44e12185eff0a4c7c0676c0f182444ec27e555c702caeebab497b9e68e77460ff9e2b78eb99f31bc257f739993d5585c8a5ead074f20fb776baeaf5436edc807d17931d9d242f8e793762df3de3954afc694a53a2c4d836229ccd34464105aacba3e32c1d2c7e56af649274639022226c86633dd1c5d1b337470dd41bbb48c9b963a0ee5495d982bf8bc52229942f14fe70d422edf4914f43c21c51e9798c3c13e15ac4ec833fa7c9f7d6a986412cf092ade2af18d3a9eb92285463419d19cb58523b7c492452f73f9d88d2efda6bd6876d27378224575ca1780027ac31d5febf087a2c179af050b81d61de83c044fa83dedda2239618adf2f20b55e099b661c2fb61b2c7788adf15d096d7e4351fbbfc82e6a6b021fd20a5b85c2c18edd3fb0b8a791db04ad06703bf27954e5eaf509227a7d56d1dd3a27abf4292241f41976f6144b22a67e5c2b2faca6228a75dc1d8fc472139da25e446dc30170a57dd3c1b455dd897ab95426055682380890088215a702719afc79dddd2137dcad98976a8951e493847fc39c80ecc9928a5b7f6b92dc2816601998b078daacccb5ae66aed43fc5c286677a2a0eab5f61bf6c6d9d34db773382fe7cacbd20813edf6d548162d55739fec4fed52321ebcc68309a931ca118a56850223fc32aa06bb96846d6baa9467a0d286e8ff78a074eaf65cf5bd5dc065e510fdd212f07918fd4dd0a26269ad7d42e1d6dbef2da881bb349aebb05e14c1051c5a42db50cc4f1b080de3ac001d75c0443b8084bebe6474d46cef5e06262dda2974771c947f33fb125bbead8a3d4573cbb35d3ad6fde12e81fcaec90e82a1b6a0281eb49e146576cf893110ea14a6204327a1ebbc9d229a4fa5a0ba70a2ce044697408bdbf4d00bf5ea00274dd25bc00cca89f4d50cacbb205f511b9266933c48ff72f4b20410070526350e4c4b5fa5959012c2696ce7af61a4e2d338969e21009d993f6e1ffc3721a0927cb779d49fb685972f5d466ba30f1841cf796b263870a0873460063a770e4dc30dd2b9651f3008c1afc154d49aebaa82de40cd825c3121caab1bca8aed773370d71722ade925b8c6cae999ff592a3d624f4419c651eccd69034491e91ed4fff23eecdb5ee6571499e06423bc2a86df9451d437a09917a1ddf884e56b964ad32bf8d9333ec7ca792d957d7303f43f0ddf9d8b2d61db8b78a550462bde7be5e3bea92ac0491a417f3def4b76f99a958b86b3f790c4c71e63cc5a47e8b50f6e4bb12b348e5218d5ad9affb271422fba457c27ce22407994af4448366730ccfdb8ceb3604590fb210ab16cbf152db865c6fe31556e843acb79d6eff380773e8d9ec02831102e4ab642fdefa7929f8538a9c2ecedde93836654636942db11452d85c1d7eec3a46e34aa689601f92ee02f0506f1cf542067b9bb0f4e598e202e815598c6da9cf6e9d3d4c2b46112e580b45007bd8e8b5adcd0f08399d2fd86f62e725390a5b7b8b3a1d91f9b2200586d287e31bd4f7631e3e87b10cb8b6bde53aef44a3fe63bd8722000a15699f9d061f2409189b93e184ec59d8c1d0e957050c4e26f484b096f43b26668d2f8c7e71216d0941dbeecc66674835b8ebb9a9102a8783887d16c5109039ee88b19ac5d8a7b5da9b75161687c8d4cc92f7fe66c558a78f3076514950b2cf2e91a461896b1c9ab81dd3502fb302340bf5081248bfd4296d6e845fb8fc7616d65938c151bc6e42d5930caff1574e2f6ced8e3789d947038d10fbf489fa04df0483875ef9632a47ea1533d81ffec6ea79e1b9b110134066513533d2ff9b5f7cb7d78bb413d82d36428d15d79bdf6866d1331d45e49062146ccbe37622a1162681fe0df3ea1960f7042cdfbccef2953280e7fa15d7767baec8c0377b59562ebaa2ad2205f06cafd31d28b0d69980a94eaacbd2023e747956217a9ab66273d068b6775b60eef9b8d2731b461115a5c101b69ac64e2e5bc12080e80f81cd31e7a0e64bfb177c518e13dca0cbf710568aae1976d718443a85da75682ea902932f6bbe246a283daac6369167e34c7f02083d2422f4624937b958855ac9d7f1c3daf602f0ac77bbe2188c84acd790ac3ad2b2dc8ac7c4224891195588dbe1d18ea227cf6804926a857daec60a03200c2334f92397f9fa5bc94ea73320199cd7d21f620135d31c8ca66fa059668c2c169c52fcebb71f9327fca20938c59e28bc37439835cbbc373e482b0e433b99dcae69165c5d161bbf184ce1bd04730919f3b24d3bbbf0f79d03da76cc1dd5b57971c4e1dfaf98360408e871f96f7ac2703526bdf569f0dcf05a49b979c20a6340642f82d8a243a723d051e0ee1b7d66b1ac4fc3630b68cadbc4f0d3a43c65ef72a00bc998adaef2b90cb740c2c7cb04898e325694b37306642e635e8ee300fc103deeecf82d8f0dc13d39f8fd2b26187a40aa287eca53bf62d37a94b2aa5149964e691c10aeeeba5597d669ac0501b3aca14c74c14b9e159d9cc9fe7bb4daaef2799a637ebab7666b67b32d0cef4c6b4c70bef2538ad7f97365785406b50680495fda061b6719581bdc60cfdd1eddc645189ca329461478614f964f87ac45759f700a66b075c3f34600854ba81f3f3023c6b3481aefd47515223294dbd2484b2918ca9cb72d75a217b05440c7f151a8a514d141a9b73b5c49ec262eb47675426e5f9d8d8f288736b190cc5e1645b57095e17a5604d6a047914d3158e50aeb3a35b44182444b058e9252309f9c6473e138d8ceb66c35dfa4f315ac8a5dfb78919e0a27710150857544d897b98ff98db76e841e57937f78fffccae61c7c0861473e2001bbdf098091ddce94ab25aaa9e316c82609f25caa0636a715ea364cd108c3f33bea8e3812a669c8129473e3e383a18598f6119324ef94163de9ce64c288da4e88fc16868f3a42ab1ed0d9517eee820d2ad0191c0381040de4ed5489f67e728ffb5f8fb41dd89aa9e0bf95007837572e223226288a665dcb8e3411b2126f3c470bac6ba2d9ded0de60d9d7fbfbd512fb283cadfcf0822ebe10049a3e8d7dcf3177de3d50c6ce74468e3f678a14ae0ea59335b35ae4be7509bbca9141ef822eff07d6a32af26f5fde2efe6d6814053de8017d4e354292927cc90cad7229fd630dba9e66047bd3bdeb9795f9d8cdf8d6b4b81ceaf23d75cf8e92117b9a5cce1b9e16f6f9e716acd04ebbc437e97f22f38de374b747c46c56de9248d79b8a2c831291ceb7a15f6302edf7e8a201415a870659c0ae014e76c4cd26a18774dff3b18062912390a0e61cde1f2b14e47d4cd98476f7b66a35e21dcd4fc17b3aab153ceb293b8f07c65928ea7780f2563d931fbf04bc9b1dc9bb7554a86c747fbf6aa0e18190eced8ef5de10f88b135e1d6eefeb496f3733ac4d345932678eee7c3524fd014393b7551c5e8f8dfd137804d2965be4a12441d9281e1a9615dbbd0fb41e190c53ab874e2acf0a4563e9d0720348e23722b677a007918272fad0a5a34d1df874b8aab3e75a42e6bd90fe0f2adf12344f64559150c5bfe40a5c1c7f1b2c58643247456228ff069beca857311ae2bf95e42bddaa2ea7ea1197a0df1323a4e7350037bfbcd666be976e3ebd5b7cb2f551c8fdf487564288af7855d42aa2df64be775b112376835f6c76b69b153c4e87dfe7f610ac909db0f2fa8b33863bbb7ceb305601470c13a0a268657c251db1dd52f51b88290dfd003ed4bdcdc36f01964ba982e4adc4237397f91c4057f350f049e7933411dd230c0c0ab6ffe5e6e7bd68e75fe5b67deee8432a1bc90dccfe425fcd1a5f9748591a437cd27719e6876", 0x1000}], 0x1, 0x0, 0x0, 0x11}, {&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000180)="c35edabe64d3e5715fc3fbe5a549ea2d5805670d6025c4af6cc8ac648362522b5ab36061862eb5", 0x27}], 0x1, &(0x7f0000001c80)=ANY=[@ANYBLOB="2c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES16=r9, @ANYRES32=r3, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32=r3, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000e0ff00010000000200000094b83ae99ad5ec05f596281f95816bf17a4e2e356f3650e3ba42d9bdd4dca639d44e9bba0fe38d2223d4c16efb8ea62852870f4c1d031d266118dfb9819480826323330c5f8ceadb6224349d697b39f72cd6bae20add54a48eaa8251f69dd61a0c1fe748ac52a563477a2b49a7eb4eae82fb4ada01940a2bf39808281b4cb00e01fea278df9f4528b5d47c14ad543aad9a7498ac9d26f890c0817f", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xf0, 0x40008}, {&(0x7f0000001600)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001680)="76f0eb8ba89e82ec72eeb275e327cdd7b38a8ae6eb5a1f8b4580afab14b01554a61b132381775421d11b94", 0x2b}, {&(0x7f00000016c0)="1b60ef7c4eaf91ee859dc673499c12698b0280af4905c2a1cbdc5bd8564f3b3a7a2cf9d351ec3c02185e5a6a855203f24ab8e4beef17bd46dd56dff05089152ff302de40135f69db7fe4a4aaba64cde135b9b0fde14608258ac4bc6076c7813d05b6e70593d90270e885c6ed992c13adeeccdc3bb74df2e1c09640f1f3e104eae25b5d2dcda15897149cd678dc74abc17470d744e1de87c180605e4cbc1d91ee254c8d04bce12992c619a49510b1a492b86545748943a74748d9c32f79408957dfd70036431de43d1a1fd6ed5239aa87cb015f83dbe204354a18dde175ad", 0xde}, {&(0x7f00000017c0)="c4fe9f834f655af8dfe5898f29f701d2ef0310dc2389800adc25bd1cb2dbb0afd2be016a290f028149403d29f80989148c16b4d9da31469936cbcff444f15de7f52a887b47bce14640e3fecbf51f3be9cfda384add44d84f0ddf8d79facd4674f08614b075fc44ea0fd361c895ab57be8dca3c36b9c0e6ac63890fef0b77e806fa61284244d8fe5ff48166e7cd9658476801026f581902a04b7d2056cd2ed2d76244", 0xa2}, {&(0x7f0000001880)="01", 0x1}, {&(0x7f0000001340)="365eb6389e10c46bacb717d0e5d2ea869d8d22f6c2ff0bbef495420f6a33bedf1f185a011edcb5d471b771e3c54b4a494215cfc2f58184f027dabb9b10079112415e36d22719ba93633369e9eb568c5d6bca7c9f60c7b0be2b668446af8c2dcd2f846742d8b927e0c7ad8e7c48032b114a36588436d76c18d4405bdd854ffd5308115a1b817524ac53a4132949b216e98cd531f21d8462b9a8d35f4f3016cdbb69d9afadd6fa02125534b4de1d415c6f52f4ad16e5670a8c03f55b038ea0c1057cc633398799f9a8029d4d7baf3768be83f50147dc718bbc41716d863bf8307db29ba1d46776109bdd60ec9f49460155172569f8c774888b1861f6387c6e6d558d8fe186e0cb4f5785a94420129401fecdf4e3df6d87e2cd8b83ae7732531f594d7c3c1c9abcd1d4a279985e1612e04f", 0x130}], 0x5, &(0x7f0000001b80)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, r5, r10}}}], 0x40, 0x4c000}], 0x3, 0x4004090) write$FUSE_ATTR(r1, &(0x7f0000000080)={0x99, 0x0, 0x3, {0x6, 0x40000, 0x0, {0x4, 0x800020ac, 0x3, 0x7f, 0x6, 0x3ff, 0x10000000, 0x9, 0x1, 0x0, 0x40, 0xee00, r10, 0x3, 0x61c}}}, 0x78) 18:44:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:44:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) ioctl$FITHAW(r0, 0xc0045878) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2774.704770] audit: type=1800 audit(1590777881.565:1210): pid=31522 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16103 res=0 [ 2774.727707] Bluetooth: Unknown HCI packet type 5e [ 2774.740953] Bluetooth: Unknown HCI packet type 43 [ 2774.747335] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2774.749645] Bluetooth: Unknown HCI packet type 00 [ 2774.762958] Bluetooth: Unknown HCI packet type 5e [ 2774.768068] Bluetooth: Unknown HCI packet type 43 [ 2774.769388] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2774.780264] Bluetooth: Unknown HCI packet type 5e [ 2774.797137] Bluetooth: hci5: Frame reassembly failed (-84) [ 2774.797329] Bluetooth: Unknown HCI packet type 5e [ 2774.803586] Bluetooth: hci5: Frame reassembly failed (-84) [ 2774.814441] Bluetooth: Unknown HCI packet type 50 [ 2774.829644] Bluetooth: Unknown HCI packet type 50 [ 2774.838203] Bluetooth: Unknown HCI packet type 5e [ 2774.853788] audit: type=1804 audit(1590777881.585:1211): pid=31522 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/750/file0" dev="sda1" ino=16103 res=1 [ 2774.878651] Bluetooth: Unknown HCI packet type 5e [ 2774.889544] Bluetooth: Unknown HCI packet type 40 [ 2774.921701] Bluetooth: Unknown HCI packet type 40 18:44:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2775.021503] audit: type=1800 audit(1590777881.585:1212): pid=31525 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16104 res=0 18:44:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file1\x00', 0x0, 0x11e) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) r2 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) r4 = socket$inet6(0xa, 0x80002, 0x0) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000080)=@nfc={0x27, 0xfffffffe, 0x1, 0x2}, 0x80) getsockname$packet(r5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14) ioctl$sock_SIOCGIFINDEX(r4, 0x8914, &(0x7f0000000000)={'ipvlan0\x00', r6}) r7 = gettid() sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x59205b80}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=@bridge_dellink={0xb4, 0x11, 0x400, 0x70bd25, 0x25dfdbfc, {0x7, 0x0, 0x0, r6, 0x81, 0x80}, [@IFLA_CARRIER_CHANGES={0x8, 0x23, 0x4}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x1}, @IFLA_WEIGHT={0x8, 0xf, 0xf3b}, @IFLA_NET_NS_PID={0x8, 0x13, r7}, @IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14, 0x35, 'erspan0\x00'}]}, @IFLA_PROP_LIST={0x54, 0x34, 0x0, 0x1, [{0x14, 0x35, 'virt_wifi0\x00'}, {0x14, 0x35, 'tunl0\x00'}, {0x14, 0x35, 'veth1\x00'}, {0x14, 0x35, 'veth0_virt_wifi\x00'}]}, @IFLA_LINK_NETNSID={0x8, 0x25, 0x3}]}, 0xb4}, 0x1, 0x0, 0x0, 0x18}, 0x0) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r2, 0xed76000) 18:44:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2775.089055] audit: type=1804 audit(1590777881.595:1213): pid=31525 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/580/file0" dev="sda1" ino=16104 res=1 18:44:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2775.141434] minix_free_inode: bit 1 already cleared [ 2775.146692] minix_free_inode: bit 1 already cleared [ 2775.246433] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:44:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2775.322258] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:44:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2775.541601] minix_free_inode: bit 1 already cleared [ 2775.790713] minix_free_inode: bit 1 already cleared [ 2776.800136] Bluetooth: hci4 command 0x1003 tx timeout [ 2776.805463] Bluetooth: hci4 sending frame failed (-49) [ 2776.811126] Bluetooth: hci5 command 0x1003 tx timeout [ 2776.816486] Bluetooth: hci3 command 0x1003 tx timeout [ 2776.816546] Bluetooth: hci5 sending frame failed (-49) [ 2776.827281] Bluetooth: hci3 sending frame failed (-49) [ 2778.880128] Bluetooth: hci3 command 0x1001 tx timeout [ 2778.880132] Bluetooth: hci4 command 0x1001 tx timeout [ 2778.880905] Bluetooth: hci4 sending frame failed (-49) [ 2778.885416] Bluetooth: hci5 command 0x1001 tx timeout [ 2778.890671] Bluetooth: hci3 sending frame failed (-49) [ 2778.903358] Bluetooth: hci5 sending frame failed (-49) [ 2780.960007] Bluetooth: hci3 command 0x1009 tx timeout [ 2780.960047] Bluetooth: hci5 command 0x1009 tx timeout [ 2780.965305] Bluetooth: hci4 command 0x1009 tx timeout 18:44:51 executing program 1: r0 = socket$unix(0x1, 0x5, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000001740)={{{@in=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@initdev}}, &(0x7f0000001840)=0xe8) bind$can_raw(r2, &(0x7f0000001880)={0x1d, r4}, 0x10) ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000000)={0x10, 0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {0x0, 0xffeffffe}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r5, 0x400455c8, 0x0) ioctl$KDADDIO(r5, 0x400455c8, 0x0) 18:44:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) unshare(0x8000400) syz_extract_tcp_res(0x0, 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:44:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, 0x0) 18:44:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 18:44:51 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:44:51 executing program 3: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}, &(0x7f0000000080)=0x10) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x4) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r6, 0x0, r5, 0x0, 0x20000038, 0x0) ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000100)={0x7e0, 0x4, 0x4, 0x8, 0xfffffffc, {r3, r4/1000+10000}, {0x5, 0x0, 0x6, 0x8e, 0xe8, 0x40, "7c11d70b"}, 0x4, 0x4, @fd=r5, 0x1f, 0x0, r2}) r8 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r8) r9 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f00000002c0)=ANY=[@ANYBLOB="656f665c7f56707e6a3cdb010000003f294057a03b2d6e636327c0b7c956e9c58a177bda40b49a73b635d534b2f019f69c9e9f95ec5f9035de3a9b4b99ae5549232a1d4e4f18c4c50441bddbfaef000000000000000000", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r8, 0x84, 0x1, &(0x7f0000000180)={r10}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000180)={r10, 0x16}, 0x8) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) [ 2784.966734] kauditd_printk_skb: 6 callbacks suppressed [ 2784.966743] audit: type=1800 audit(1590777891.816:1220): pid=31619 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15906 res=0 18:44:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 18:44:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:44:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 18:44:52 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r2 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r5, 0x0, r4, 0x0, 0x20000038, 0x0) r6 = openat$cgroup_procs(r4, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) ioctl$FICLONE(r2, 0x40049409, r6) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2784.996228] Bluetooth: Unknown HCI packet type 5e [ 2784.996236] Bluetooth: Unknown HCI packet type 43 18:44:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2784.996240] Bluetooth: Unknown HCI packet type 5e 18:44:52 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2784.996244] Bluetooth: Unknown HCI packet type 50 [ 2784.996248] Bluetooth: Unknown HCI packet type 5e [ 2784.996252] Bluetooth: Unknown HCI packet type 40 [ 2785.021063] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2785.039384] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2785.071488] Bluetooth: hci4: Frame reassembly failed (-84) [ 2785.111757] audit: type=1804 audit(1590777891.846:1221): pid=31619 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/752/file0" dev="sda1" ino=15906 res=1 [ 2785.112701] audit: type=1800 audit(1590777891.866:1222): pid=31621 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16089 res=0 [ 2785.113287] audit: type=1804 audit(1590777891.876:1223): pid=31621 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/582/file0" dev="sda1" ino=16089 res=1 [ 2785.169644] Bluetooth: Unknown HCI packet type 5e [ 2785.169652] Bluetooth: Unknown HCI packet type 43 [ 2785.169656] Bluetooth: Unknown HCI packet type 5e [ 2785.169661] Bluetooth: Unknown HCI packet type 50 [ 2785.169666] Bluetooth: Unknown HCI packet type 5e [ 2785.169670] Bluetooth: Unknown HCI packet type 40 [ 2785.176730] Bluetooth: Unknown HCI packet type 00 [ 2785.234252] audit: type=1804 audit(1590777892.086:1224): pid=31619 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/752/file0" dev="loop0" ino=1 res=1 [ 2785.250780] audit: type=1804 audit(1590777892.106:1225): pid=31647 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/752/file0" dev="loop0" ino=1 res=1 [ 2785.271262] minix_free_inode: bit 1 already cleared [ 2785.360840] minix_free_inode: bit 1 already cleared [ 2785.376915] audit: type=1800 audit(1590777892.226:1226): pid=31657 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15852 res=0 [ 2785.378496] audit: type=1804 audit(1590777892.226:1227): pid=31657 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/583/file0" dev="sda1" ino=15852 res=1 [ 2785.386236] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2785.425728] audit: type=1800 audit(1590777892.276:1228): pid=31661 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16089 res=0 [ 2785.436444] audit: type=1804 audit(1590777892.286:1229): pid=31661 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/753/file0" dev="sda1" ino=16089 res=1 [ 2785.500922] minix_free_inode: bit 1 already cleared [ 2785.509669] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2785.678145] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2785.779884] minix_free_inode: bit 1 already cleared [ 2786.011890] minix_free_inode: bit 1 already cleared [ 2787.039398] Bluetooth: hci3 command 0x1003 tx timeout [ 2787.044808] Bluetooth: hci3 sending frame failed (-49) [ 2787.119348] Bluetooth: hci4 command 0x1003 tx timeout [ 2787.124677] Bluetooth: hci4 sending frame failed (-49) [ 2787.209499] Bluetooth: hci5 command 0x1003 tx timeout [ 2787.214836] Bluetooth: hci5 sending frame failed (-49) [ 2789.119414] Bluetooth: hci3 command 0x1001 tx timeout [ 2789.124893] Bluetooth: hci3 sending frame failed (-49) [ 2789.199316] Bluetooth: hci4 command 0x1001 tx timeout [ 2789.204641] Bluetooth: hci4 sending frame failed (-49) [ 2789.279335] Bluetooth: hci5 command 0x1001 tx timeout [ 2789.284687] Bluetooth: hci5 sending frame failed (-49) [ 2791.199201] Bluetooth: hci3 command 0x1009 tx timeout [ 2791.279166] Bluetooth: hci4 command 0x1009 tx timeout [ 2791.359219] Bluetooth: hci5 command 0x1009 tx timeout 18:45:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x220000, 0x0) sendmsg$IPCTNL_MSG_CT_GET_STATS(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x5, 0x1, 0x5, 0x0, 0x0, {0xc, 0x0, 0x1}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000010}, 0x8001) 18:45:02 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x40000, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000100)='./file0/../file0\x00', 0xfd, 0x2, &(0x7f0000000200)=[{&(0x7f0000000980)="adfa06cf84641a75b50c1a63673c9ef2dab3b2a09e79b9fb01560c924e0d3d358e9c77bd54110bf0a26f26b35168a700b8475e46c8c97ba7e9f8edd0e3c1bc23b390838a09a0afa2a88c78a99adb0d6df037c79cf94fdcaaee0a8cac7f89759283e062ffd5a5fbbe047d5fa6775d6dbf26d243a2cb96516661e79db3e28382e113c245b3bebb293b98b1a81a328ee3756b4e5413cf47af70439aaea19d7a78222de4cce0d188bc70601668064ba6430f2f5d80b571d6b83c66dd36d0015e947ca7ff03468593974ffc9e9973d8e2709330220f159e947c18eef368d86ac8b6fb0ea32ff47d4053e499dcb117bed5cc3249020d4913bce06ffe2fa1faf3269b73c58a3912162577d51c4971524a0ca0f592382e46ae66799edd33d6a337864baf6ac0cf4045b0e75aa571372e7a0bf96d97d5fdb078e1856ec8150001650766d64cedc78b0e0497ef7c8d6c6b4a4d6d04f62edc3c183206520238483268537313d5b9618bac640a8b15ff56e180515cacded0caffe37d177da587d65552499dd40006ade024995698278c7d79af360abaa2f5b787d9ca5cb46cd2c1fa1066c0d69ea4590e12a3366758e9a8abc309a3420d6537d5492ff75a49f168ab20b4a7cff2e8ddcc3b4c8a19f2218ea5cdfd4aae2c70e8f763de9e9e7f94554561a11f6c9772eb7c8f39197c215d93a018865f25fd6533ea18c83d681bacc89d123b0b4836a1cb84fa88655a15c4358eea7805cebabd5df2e642180b63394b50e0f4f179aac41c2cd2d00e2091ed8fd9fe64071410d915a6549343c0181d934cb947fa6d83e8c0c384f56d027a3f22a026c323ffd912edc97a0eb92252cfef89f3b5411bfefdfe60a032a7bc5f1d9bb06f07464dc7875aff04665f0be12192a4eebd86eb49558e1e11ee6eb9eccb3b27bdf94a561c5f4c76a99f404091145d603a6b5abd4a2580c027896c0540e47c5cd61dd4b00e6641535eee4d2471e5962834389c27236f640c7b44edfcd7a898df088e73cea2358ba8638cb3eb0190d4702950df5e717224a7b38d1a374f27af87d344168abbeb86bbc43fa95c16cffe301b90a88d0aca460573d5399e7f83b21443564b3ba5b7563c5bb2c5cb374c9436ec7ff4adcebd04e3867d9115a9fdac24335188229bbad9bac04fe8fd13f9c6f9a2b46016b83fce92e7a778dc9dc9355222857a446f9131d37f65656c311b3915c6c236e889122403eff1e4d66bc321399593aad4532c44acc71ad185ef35c1d236bbb6b00e96c79fafecc0057d194f0cafe82b1dc046050700975d36cfeccca02e23d09643e3ea5a7a418ebdcefd80a7aea86f51ec266298f32edc6f3d8917e4b04a30a96a6ff2eeb768796324c7c6177991e47af8ed6f478a92c29284aefdea29a56273d44f16af42ba25db777f0983a6340a825328f9fd710f4186091122bfee941bb52f15fa985efaa60246bf7bc23abed3b5f2419f8f346a2f8290e72ed3c8eb253d2482849289e5cbb8ecc5f26134372e211eb7b468c2251b10a9ff420ec552bd1f94873769f4dacb095aa79ade8002da5e7bec2ae75b241093896666478e2ecdb0e53a152c5be5bf7a3066aa248ecb91f1a6e7050a4508fd480fb714022e870c55987058177dd63a62737f0fbf373ecfc789243d1c32f2acd92210660954aa55af0580098afd6d99d775f18cf3645222a9a830ad65693463e08cbd87745defc36d4eeb8703cb9aea3b8dd83a86ebf697f730c46ef65416745b84b76cb4d5ff7c2ecf860b8035f84cae5ebfd5bbe473fc7fd220c5c04e82fab6f0d4df44ee01f154a8d4e92187de14826b866ef8dcc2442a1b70685887ac1f17e8dde7b0fad6e6f625564e1bd42266072b29c737613bb9c873af2ae71e3cd0cd49c0361bb114959f94425e67f6dc5c6b3759861653dcdd790b1b42fba89e36e2d959d8b56f288fe429c2f29ebc94c38f173c7aaa9dd96973673c7670df21b0f7c6c49d97a482795faeabca8b88d61da745bbdc4753b6a9a80f722a196665d34e5c3a79b1739855880758b724c4abcf49a25763888ecfeec440375489ef62d9cbf3af0753b69b3aacbbcc349d574d0acfa4aef71c0707c3169a92984e1d9d20da714eab7141a2a6a68ef8631ee3151cf174d3c31b9d001d3c74d48e0b17932f1b9b2a6004dfb50a4063bd7b3f01dd40c8b3707c8eec5e52dd7b0a6cdc4f634e510c826b1e420d6baf990e5e1fc0010f44dfaff56141df50dee3949ed8ad96b5ebb52914f1dcc4af8d188a5f6ca14418484c5344dd4fbc96e9c78d40cf773863667c591875aa6e910c8e05b3a1f64ea17da1541b137442de8126c8512708eb175477460f4296c3178ef5ebceff56abd99dbdb826d2ced2a4971663138db0a4e7c7a687c9a19a11d63e2f47db1ef3326f2df5f619f9b34df7d074313f1249d43e59af099ff1b75c7fd3ff5664b06eaedc0a329dd3961f478ce093c0d779a554961987b8b125a4145d5c86f2aa152558ff935a800de3b011692fcacb1596108fee3e02dadc18c6f2b023bd7e5f8b79b06aa40d281ec456025eb2711022e47465becd863ae4d97dafcba1c9020e38763a9edb2a46085614da049c730805b236355c94fb4b64ca60bd0e2064ef14d3d1fa4513aa8ae4f865d94382aedd4baeef9cfa081d2c9732de41103ebdb0afc7ae8bbaceeceb52f537ef99ad7df65d3a4e1665895b890516ea5a3803d874e426496ff2427d3f7d717e4f8c8b3d20d3ec3c2678225ef3d4d8e6647138da75cb0a690d101f202d9e1c7d778ae159724283bd2a144887cdac88224332209367cffba70d6456952ab43dca21cfe70f76c743d11fa5a3cfcf34781898a73a8b5e4c6050c2fcdbd4630004dc4ebc6dceb10c107af8a65ccdd332807b0599708881f0d942e0d9919665636be7b5b7f15b11084eed537b5e54157bd45f91ae1a7fa5ae7a327e35627c7d57ece141c6663461512cd697140f29d6b84af9ba819395d726e8c85226d067bf6701cb7efa82f5f3fb2c670015e03e0a8fc3ae6f19a63f291d4c8b3065ae789aba8390301f8c492a8cff2afcddc75057099503a39e32bbdb151e3c5e5a453850ea46f63a381b97764d91bdff5aa76b91315a352edda4169d8d7531556fc476a2d024947c4d38c61b454242cd738d7939a2488b0f8418e60d1439d25ea7b59da2e121ca00c558e9e48ed8e7bf61db9ca56d4a01e2afc5d3de761deeabbd625cf6a1034abd30be9e9febfd04388aa2629e049a15b28decb4aad0ff43ea259c53e6cce6ce73d60ea2c7943aad8139899a36561ac86789b647bfc277fdca5eaefc28ab9a1cec7142db571f53cfc897bc1b2da3fc003e9d4c58de767684d52a6e9036b9685b62ea4b5faa6e3777b69128ab44d72df37ba1b801547e74dcd1a423095ccfe6c60c228ab7620e91b24afdebe95d7337325cd1e88e5763033ac9d7080e59ae1e6f0840123bc08e4c5398f256909c1a4b04045b9d0bac4a1e8c02120432508a963379b08c82614b7c112b5d8cf00dd5ae65a5bb0be976e2f3cefc9b5f78cb2fd93824bd010e4448624f38e7033fa2b9cb7c03049dcdcd0bd847da01df1b1916eb9a8d6eede5a6cbb24466ce1b5630ce8767bbf50b3369a9550a1457aacf00ba8212a094e65ff62e8d295732ad6aff6fef290194697571c33c4712d7ceb34f73213b984e992c0e029396a36d2d7d31a0c433c327fda027b76f16cba36c1f1c32804bbdab6cfe64eff16e2b32f842c2b7356df5d272cd4f83b0185047288d0eafbee2aa6cfcca09a26cc85830f83984312f777427a13065dc4010e7ad796941495578f8c20549e083399a4ed901dec6a4a7d8f09bd5ea62a8569e7a695915f79de5c9ff87509106d8b11ea2e3500fc21438064d20efb59faed7ac76d9d626aa9065df8432053576750defabc4ebb78260327dd75779dc246384c0a97d205329e9af06b51f9c141a5fc8d7a1826d704c734c197831848a721bfc08b32b44bd26546304b5f3bc2678abeb227da1d0e47149469296b87bf3732f00ebd10dd04f4b2139f0ee5a7d4e034aaafba9ee7374209a7403ea5d2277a22cf03f5306ca231f34ea816382c59c8c25bca8a06d060a24b74733d8aa5f16ce6432db94c785df0fa886a94404743a6189313151d9e25ee32977266c61b3bb8c80a03726072c20e41f4d1be9b603f84fb9ab09a7a4c9a60d3d4a9416451be3bf57080fc5bd6a37982e0009c33cfa80589a200c30a2149eed2491606bb888a40f7bb583c3c5ecaddea9da4528d7d751c3316022aa62c2339ae2c3c2b16dc15c987aafd7c7b4d24565a0d03abde9923a6b70b71cb2000dbd6d74eeb361532a495e39ebcbe9a6b5bdfae3a7c6ca04b3e5d5ee2d27653f1b5192d5ba09c0c0dd32096b79e8bddc1a9c134b816b5098c6c03cd57f38d3d44c7308169d3cf48c274b59db9185fd88098d8b0c340271d742c8425570560d6f5cfaf1a79ba5776fb52f45e12fd0ff4b3c07c5a7c9e7c7bf0956445c8e890d4131854efed2873dad79e6fd9dd14409208d32d105641074058ec2be201743a554845dc0a9521142e6572bb0bfcf76ac14c3e5d88e88083f824380d3b0c53341be002ceece9cf5dc35094a0409b271545830234dac073ccd688291477c430eb4bbff70de0d214f6dca083d2e044248cf23cb037def5bbc85b6b6a1e0d115feb1c89398e90d78c1d693d3f4e3c10f31860c16045b533eee3bb1e4302110578dae3ab578d233eaf4e6b9ba5393ad9ba3003b65c6e2f8b43e3bc5f653a8175b25aca9949cfd46c858c2c974eb23c09629b5f327765db81c525b91a042aa22b333076af85600d726ad34f562b4e43e5d2382512c824f55ab519933952dda3104ac72d02fae510c3a60a042b37c8644475f97dd917da687eec1e1bafc7d30a8987a327c94adcc46084f6d967c31efae5f6b496f77a491ab2bb6930882e3506c6770e3b31fe89c20c161b39f9812e4058b5afbc69d0fd57577e1f9506f6bd4353a034b36b7144cc5d2749d81240f12e8b36a15e0dce4902c290a0670c357f6d90deaec98cad941c8847101a09a76f8e9e0dabc1b002bc7e9163bfdd0132c8e03ce3fd49baa0329ecb4aaa6c356f4abd7931a539be89421ac7812ccbe0b7e85f4cf4505c36f00a9a5ba65acfc228ecd57ee23d97eeff93ccd8186425403e05bdadc4929c3b195ea4b6c7da685daff7b96ed9ddabd28f33aa79ef0b1e8db37a31165c3629da2bf57095f6b1176669f995419c1898c6d43f9d3778af86702ef52057d1b34e3519a9343c4e34d09055659c22d95023c0a1fba01497a27af5fbe875f056ddaa569694b2d50a3254937c8c57f3c67bb20bbe58f66088920bdf6dc6e728e999c2c4beb0da8fcb48f73366d09a5794424d8698919b1d547792c44e230292b58bf9a3e9d8de23e6bf05d9b7316c64fbafeb07ea367cad1c4f445216d26be1c2298bc48effa64dff371071a17354175239804bef8b03129811229559e70efe647d6520cc6a242fbe5ddd4fb3982c73d9f69d1c7edef05613f1c629e0360e2569fec6c17d907b58e571a1649e6a26a0c63563fc80ce9293aa72f8ab6fc0fd3249cd79035fa26249c84aa6b3c6fe53eb566fec86484b80c489a3107c90eb6f57ac66b1d296a89c22c39546d5226afe82f320f5c59ae53af962075ed4cb0780cf63500fb920af7e0ae7d70896344fce58387be0728b9bff77ee9d6bb7712fac92baf38eace0cf1cac7a8ccd33a7d21b6d225772eaaf173fc69de6f8bf06715a21facc0b88635d0220142def55d", 0x1000, 0x9}, {&(0x7f0000000180)="3ed048b999d2737341ebdf7e36336d1d981bc4292b84638c570573b21918e835cc1e647245d943e173ee4d7044c05a4f190bbe82a5c6", 0x36, 0x1}], 0x1, &(0x7f0000000240)={[{@nodots='nodots'}, {@fat=@dos1xfloppy='dos1xfloppy'}, {@dots='dots'}, {@nodots='nodots'}, {@fat=@errors_remount='errors=remount-ro'}, {@dots='dots'}, {@fat=@nfs_nostale_ro='nfs=nostale_ro'}, {@fat=@debug='debug'}, {@fat=@discard='discard'}, {@nodots='nodots'}], [{@subj_user={'subj_user', 0x3d, 'minix\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, 'minix\x00'}}, {@permit_directio='permit_directio'}, {@dont_hash='dont_hash'}]}) 18:45:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:45:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r2, 0x0, r1, 0x0, 0x20000038, 0x0) ioctl$EVIOCSABS3F(r1, 0x401845ff, &(0x7f0000000000)={0x8, 0x3, 0x1, 0x2, 0x7, 0xff}) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) 18:45:02 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2795.202450] kauditd_printk_skb: 6 callbacks suppressed [ 2795.202460] audit: type=1800 audit(1590777902.057:1236): pid=31710 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16085 res=0 [ 2795.246271] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2795.248101] audit: type=1800 audit(1590777902.057:1238): pid=31711 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16102 res=0 [ 2795.286805] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2795.298497] Bluetooth: Unknown HCI packet type 5e [ 2795.299280] Bluetooth: Unknown HCI packet type 00 [ 2795.309497] Bluetooth: Unknown HCI packet type 43 [ 2795.339502] Bluetooth: Unknown HCI packet type 5e [ 2795.368309] Bluetooth: Unknown HCI packet type 50 [ 2795.393098] Bluetooth: Unknown HCI packet type 5e [ 2795.413907] audit: type=1804 audit(1590777902.057:1237): pid=31710 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/585/file0" dev="sda1" ino=16085 res=1 [ 2795.440197] minix_free_inode: bit 1 already cleared [ 2795.450015] Bluetooth: Unknown HCI packet type 40 [ 2795.473981] audit: type=1804 audit(1590777902.057:1239): pid=31711 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/754/file0" dev="sda1" ino=16102 res=1 [ 2795.510405] audit: type=1800 audit(1590777902.097:1240): pid=31715 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.5" name="file0" dev="sda1" ino=16121 res=0 [ 2795.538315] audit: type=1804 audit(1590777902.097:1241): pid=31715 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir278777931/syzkaller.g4ahYV/614/file0" dev="sda1" ino=16121 res=1 [ 2795.564954] audit: type=1804 audit(1590777902.137:1242): pid=31715 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir278777931/syzkaller.g4ahYV/614/file0" dev="sda1" ino=16121 res=1 [ 2795.590928] minix_free_inode: bit 1 already cleared [ 2795.597133] audit: type=1804 audit(1590777902.167:1243): pid=31723 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/585/file0" dev="sda1" ino=16085 res=1 [ 2795.630784] audit: type=1804 audit(1590777902.367:1244): pid=31711 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/754/file0" dev="loop0" ino=1 res=1 18:45:02 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x20000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00'}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x2, 0x2, 0x401, 0x0, 0x0, {0x4, 0x0, 0x4}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xdb4}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x406}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0xffffffff}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_EXPECT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x4c1}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004014}, 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = fcntl$dupfd(r4, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'\x00', 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r8, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) dup2(r7, r8) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000480), 0xa198) 18:45:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:45:02 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000000)=0x5, &(0x7f0000000100)=0x4) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x200, 0x0) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000200)=0x5, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) [ 2795.806792] audit: type=1800 audit(1590777902.657:1245): pid=31744 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16096 res=0 [ 2795.814085] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2795.853750] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2795.883434] Bluetooth: Unknown HCI packet type 5e [ 2795.893855] Bluetooth: Unknown HCI packet type 43 [ 2795.954732] Bluetooth: Unknown HCI packet type 5e [ 2795.976663] Bluetooth: Unknown HCI packet type 50 18:45:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:45:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000480), 0xa198) 18:45:02 executing program 0: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) [ 2796.011370] Bluetooth: Unknown HCI packet type 5e [ 2796.019102] Bluetooth: Unknown HCI packet type 00 [ 2796.038035] Bluetooth: Unknown HCI packet type 40 [ 2796.090292] minix_free_inode: bit 1 already cleared [ 2796.100929] minix_free_inode: bit 1 already cleared [ 2796.208805] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2796.285903] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2796.309434] minix_free_inode: bit 1 already cleared [ 2796.579694] minix_free_inode: bit 1 already cleared [ 2797.358638] Bluetooth: hci4 command 0x1003 tx timeout [ 2797.358642] Bluetooth: hci3 command 0x1003 tx timeout [ 2797.358718] Bluetooth: hci3 sending frame failed (-49) [ 2797.373192] Bluetooth: hci4 sending frame failed (-49) [ 2797.918597] Bluetooth: hci5 command 0x1003 tx timeout [ 2797.924125] Bluetooth: hci5 sending frame failed (-49) [ 2799.438516] Bluetooth: hci3 command 0x1001 tx timeout [ 2799.438520] Bluetooth: hci4 command 0x1001 tx timeout [ 2799.438619] Bluetooth: hci4 sending frame failed (-49) [ 2799.443807] Bluetooth: hci3 sending frame failed (-49) [ 2799.998544] Bluetooth: hci5 command 0x1001 tx timeout [ 2800.004019] Bluetooth: hci5 sending frame failed (-49) [ 2801.518359] Bluetooth: hci4 command 0x1009 tx timeout [ 2801.518419] Bluetooth: hci3 command 0x1009 tx timeout [ 2802.078421] Bluetooth: hci5 command 0x1009 tx timeout 18:45:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r2, 0x0, r1, 0x0, 0x20000038, 0x0) ioctl$VIDIOC_G_DV_TIMINGS(r1, 0xc0845658, &(0x7f0000000080)={0x0, @bt={0x725a483b, 0x2ca, 0x0, 0x1, 0x2, 0xd91, 0x2, 0x1, 0x9, 0x1f, 0x8001, 0x4, 0x7, 0x5, 0x8, 0x18, {0xcfb}, 0x40, 0x4}}) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:45:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:45:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000480), 0xa198) 18:45:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r2 = socket(0x200000000000011, 0x3, 0x80) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) r4 = dup3(r2, 0xffffffffffffffff, 0x80000) r5 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvme-fabrics\x00', 0x0, 0x0) flistxattr(0xffffffffffffffff, &(0x7f0000000340)=""/48, 0x30) write$RDMA_USER_CM_CMD_LISTEN(r5, &(0x7f00000000c0)={0x7, 0x8}, 0x10) syz_open_dev$amidi(&(0x7f0000000300)='/dev/amidi#\x00', 0x7ff, 0x151c82) r6 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000240)='NET_DM\x00') sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r6, 0x400, 0x70bd2a, 0x25dfdbfb, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x10) sendmsg$NET_DM_CMD_START(r4, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x14, r6, 0x300, 0x70bd27, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x800) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:45:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2805.426560] kauditd_printk_skb: 9 callbacks suppressed [ 2805.426570] audit: type=1800 audit(1590777912.278:1255): pid=31812 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15970 res=0 [ 2805.466427] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2805.482159] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2805.549613] Bluetooth: Unknown HCI packet type 00 [ 2805.562675] Bluetooth: Unknown HCI packet type 5e [ 2805.567755] Bluetooth: Unknown HCI packet type 43 [ 2805.569146] audit: type=1800 audit(1590777912.298:1256): pid=31814 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15987 res=0 [ 2805.608287] Bluetooth: Unknown HCI packet type 5e [ 2805.633592] Bluetooth: Unknown HCI packet type 50 [ 2805.652146] minix_free_inode: bit 1 already cleared [ 2805.655350] Bluetooth: Unknown HCI packet type 5e [ 2805.677663] Bluetooth: Unknown HCI packet type 40 [ 2805.694839] audit: type=1804 audit(1590777912.318:1257): pid=31814 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/588/file0" dev="sda1" ino=15987 res=1 [ 2805.749412] audit: type=1804 audit(1590777912.318:1258): pid=31812 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/757/file0" dev="sda1" ino=15970 res=1 [ 2805.879211] minix_free_inode: bit 1 already cleared 18:45:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:45:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x40480, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:45:12 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x10001}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0x400086) write$cgroup_int(r2, &(0x7f0000000280)=0x8, 0x12) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100008, 0x500001c) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x20000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r3, 0x2402, 0xe43) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) close(r2) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40305839, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:12 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x300, 0x0) ioctl$TIOCEXCL(r1, 0x540c) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000080)="40f473bcf92140406192e7a9853d91b95c2a486d09fcc140805860d14ccf92fce699ca48d797d5fd7c4214f3db84e120b80415cf7989d4f3be8f8e702842deb5053ad46524225007f909c468033fea4821517b4e25cf09e33fced2af1dc88b188e4992667d4989a7ae2f74e246dc52438d1c80f1f18345d7a43948619a6358ca39f7e23974a5537fc1c85d5543701917d0e5202b84d1c476cf7e25876cc6e55bcb7f00e7c447a4d4a61cbe3f86c2e09f8aeb6f8dff4429b50e14ef281662ccb2e032e73c8308e30562ebab6d") 18:45:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x1cb7, 0x78000) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) r2 = socket(0x200000000000011, 0x3, 0x0) syz_mount_image$f2fs(&(0x7f0000000180)='f2fs\x00', &(0x7f0000000240)='./file0\x00', 0x6, 0xa, &(0x7f0000001d40)=[{&(0x7f0000000280)="1b0fd3a4cae0cb6a88431243c8d4ce01e265d2a58c75c4d57b6691fac3cc4feab64deb4d589844eb47c876a2966030418b58bb92426fac12eebecabd08f264795b780a1cbd5ff6ec7e6f54b08e613fa4f79791dd5c70a75c531f0074bae04a32f51aa06c1bd076440e0f628bcaddec4f2367999af3fd68a3cd487cb67fd2536054352a3c16df186e7370921eb665c5eb17a0f76ae4c9bdf0d0ce431b0c0cdbc11acaaf40a864cbf16ec1377fc83bb1bc02502bd678b691dc06957dde21", 0xbd, 0x8001}, {&(0x7f0000000340), 0x0, 0x9}, {&(0x7f0000000380)="fc9d133753c25450603b33359bad3910bb3eed4d98ad15d5f71a96a1da3df0e0e27b151993eca3ac535e97fb63ae4dffdb2b9c01186635bf4ab9b31f69735aaa74d8982ddec5b896f66ec06c1cb554f17d059efe1e2452886a2beeedcc8ceff4abdd5546944250acbfc6ee0856d38c1b487f3b54ecff2b842f20e265dce97bae484faf9e8d689f8da4b99cae2b107ddca35f3b8000de7c86dbedf93c861bc8de75690646b813f26e15fa", 0xaa}, {&(0x7f00000004c0)="174ac0d73a20ba8c7a214d780751b3fae31b17438d58a02be76ef93bc743f47b92b2f612518cea93a6cccc55f49920e5ee89c4d69faae4b33a66c339814c31c34bfb045395741257492bdf951460b97b8b989f6c44cc4f2a978afd49504f756b886f5e96ac12ebd296e5d470ccde7521615f0c735a3dd429c7d86f6b31d736186a7cebf66eeba68399", 0x89}, {&(0x7f0000000980)="0ed45cd1d1cc586821a802e34136b2da7e1810909a0cbee4376ef707894953628ae7e614386fce32ce0c89c300216ef602539edc6a1f47a43b01dca661828495f8012b3a6f1fb8bd0e3ae433a821066abe7231327f580e42dfc16fd851aaa542a052a66af24ab0685fcd80df952d5f205431056c8bb201410bf8d4f51337caa3a37c697d90679f69df1835104318743e9421604bb7961766de4eec56a43320894987efadfc92effaeccccaaf796b17e3a36543ba7a5af7497625c44c291d136e639eed88717afa16735c4b93320cdbe0cecaa85bab67990afb906806b53a569f0f550091dca9c366b4188cd8ea50e37c2abcb402a2a01a359aa6eafa13e8d46dcd17cde7a13860a0a4f6b89d3f239b4f8152a8483f21408e19abb6ace0df4ae92d416c60f0d63ff37fe5a707c3c836a1fb38fcbc0c53056f0c0cfd69a67b37888aeff64b30c8b64308e94fdb828c1f86ad5f37ea8528d3d82782958fa781ba3349832ac829ee187b5f951561565749a460c4a52ed41e399e35ebbd748a7283a5b59682b12b52a10a97de84ef3d92721f8fa2a8eeacb04a0445c893e45993c713ccfcc0edef7132c692efcbc8fa036ea08928047689ea8b2c800795a824e3725e9cb757b1d0759d787bd4d9cbd54168d3469dbea715ec9b488f7badff8d1527f2245b23498693d69346c3d45c8147ed4db261e1eb2482768fbca9b1adbed9daa752c96698b5dc07dd6e1bf21bbd5ee4d9c0628be03eea634036b8567118cabb3abcc61ef873d6ab3dd869fb2b18684ea87fda53583387bb14644cc31d29242742145575d1e5d32c75da3de3348111f8227ff8da9ccecad62f1c835c8e0aa9f92e5a093109b7de91f4802a65d7c55a5b384c5914c5d4e7d250e9569c9faaaabad38b47d8de9ea25008aabeafbd96f96986f95373edd172f6dc0c7485e572c2276b20bbdd170e656e583f2afb3c055ffe8585fe2f4046feb4128701c71d739f460ff32f92f6c13a53ebfa00e62ad68404c68fa223e363d2b7a9704fc9ec02a0e50c50af1a4e0fb4557b60c58cf1170254bb1484a6dbdf9df9b4e132197890a2d037d4a20ede7d147d625c87582b18d6bc7e0c9684e1f2ad267d0333681c39d1cd4777adeafd5a3901d79c814c887df4aa89056421ca600de1a7ce416fb0656f085efe806b3001f6ed702cf024ae6e0ca051fec8581771ff09c61bc437f61c567ec53a4de07cd52f6b7b25d4209bb1a6f97a800252702af76daaa037d745b610438879b9ba059b14da5135915e6067e04bb50b8803e531a4125c14a7275639cd82f375ef9ea3b588b5ffc65b4f07719248d5cb57a66340e13d96dad4b9a3bdc0934709b0c6582e5e7a14a79d621e74bc43a7d3985e6714fbd888d7b775719d5a2ab95c12544e3504dc4f88f43f067f75bf74aff89dc7ff59b99a44f3a9e584de1521b8d572964c12648ba3adfa147cff425a5fd91998c80940fe6af2307d0f8b345935644755579025a151dcfe3d5da2a413e53655ffeaf68191524a81da9ea5e6cee528aea75d36a0286aa29ef1f853bcbabfe06c8fb27886a919de9ee38748b3f31b65610ef478dd78e20ee0f555002f3f27c62d1f67396fa1337b4539666de1b5409ffbc547d63545139b62efae04b8c262cd11ee8c57283f9ef9af87848f23600a8159e8b85e19ec9af7dba86731f001ec508c6d6d8cb7d28222ea59b16bc0a2defd615d42d1d6bec040ab7ffd18f8dfa11d759b3f00ae646a433d0dc82e8fcfeeac76fc0a6503824686750b6a06e0230dd0ff25c12ce1e8c30ddab1c9a7e1e0308d0fac2c6db2f8c5402faf4483649b1fe815b8950124ec8d6bcb6db3c20e368af2cfdad21bf53bff501d07011351c4fb5947ab270e3a96f01ac901dd42aff5c3ff8565b33f72e156de3c98dcf360fb538c038d4557eb825a841b2e93c98a915dcebfe9a330dae231710ab7b944c7c0899f4753bb1af6e0ab4a2a1ac62348a7ed11c4885869100c237f04c32d10f6e61a61695bd3287d0386824cc85fb663b743cefd13e479c75530c2a81d9425e122296299cbe8c12535b1d2eef8fee6f62a4ecdcd629dd807dda7a3be9b00aae540a5316d8b54af7b76f59786628f40a172985b2311af1a52e4f6c9a3a5ee13e49b57f292a8a11cc2172a6ddcaed8ecfa5613ac73b5ae762ba74412154c44117cac38d6f04f8d6a048ccd7fe4ed6fd8ca6e4be64044170f15cb8af08a402af769e2cee959e4d6aaa4ccf274c2ba612ccdaed74fa77daf035ec28a2f2148769db75eed61c784be6cdab6d500c3c177f11519d0c623509faae38e305598972ed623e96a766787f3e42e45d561ef1942ee9dfd24d1f49fe4e1bb47bdaa8888bc6b362ddd4311ae7fd9fa6257a459a36814dfdc0ec809c7927350e7a62574451b1c712397af5db08b6b23e034cea630664818fc878a718e44c53a074391c844f82e251ef17cec349b0d7a3b58eddc2409e16026dfa1f7b56289f48e125787346748030440aa49af68d859f0dea55128341174ee1db1da4a07ba095d0f051544e0c9eee7a79f1ae1416649aeca2e6cc6b704b45ba9993333206428c4cd79fee10568b76b8cc1828044c574800fc7fd526eb9c6578f45e6644ad92dea53677f2dc14150db7ed67568a990ec21d065e1ebf0577de7ebfc0df3f270659ff705b00844dc8c3501e67eb851c39670fafbc34b593c0caedc3a5039a3e81f2d95f268f02d94b299566c7c1cad1e77ac6286ab66cb6b60fa2d62a8c5edf1bb5041933d3696c90f336812554e1e7df6ab6bc154070ea5adcef2569901e1664d55523f855f742d08a29ccfde2ca83aa6e5526eab8f6741d51330b504449dab1a9dbb5cb00a35ffc77a8849fccadedf8d7b115f20e7ebcaff47d23ebd2e29302e89b386c3e54d15339d51b67cc30c2cefba2ffefe142ad6f33db47401b8ba4943f05188ca6c709d455a8c172587e29bdb1d5c53db8e22a7db50c7afd2329a97aa6a49b36deb6653551e4a21ee87810cf157573016581abc976388f28c23dfd5383034e5b125fd6d04b5bedc4c9b5ef7fd331edbf220e00f4bd81b422a95c8678f2061843bed43c21fda97351f26e448b411a257acc91dfb4389e9fde92c1f0ce102db84cf220383ca4e5bf4e76732c7a891510555b527ace2e0f98b62f5f8010c2601035882dd328f184459de8ce510ab22b64158c84d122a2d74916ec20d64816490daf668fa9d6eb3564163831e980e72411500181e15dcd64291108f3d2fc734a085a43b035dee97f62fef49994d11635859b6292d6612bb27c244c0894634324bf742f64350f5e4b9a1a89dc534849bdd2eacd34ed1c325fb83cd8711d72aed75e48842d726ab1cfa105f3b0af487880f9adba2fddb4172cf256cf5418a69015d6d74f62108a43f03a2d3cd8a2883025ea1ab6929b2c8ae4ef10f6dff86bbcaac1dbcf888987ad79a9dc26f5b3ce79ee85ed7aaa70a1aae207d9a69001132087921846e0b6dd6c1605e6693bc0c2db167bd6fbf79806bb64a68e7dad797669f96010e9991b4e1e4c77844b4b98f720621c44fb2bfe9e06b5295928274043e41141f32865c00ab8199f0ad1ce18511e4ea3c41c2d45b979b15fe075075dae94f067f4b97e22d4844e898e02e0d33da32f6f48cb2e1b02ce0ee9031d1afe7a264a2ddb92b573609ae8b05efedfb2f2c86a1f786a9381863259abee54648dfd13ff88e38e2d3154b4c6ef84eab669f533b4d95cb740dd76d7d5bb83f886c397e3b0ed27f29b8307893294be87822314499ff5b829fcd154559b3055a8d16cd19d58a280e1c066f0c55c67379f209daa3181e88acdf9f64e941876dcf5d0605a63151554a3efdfd2864d00f041b75f1698a398f7a9e2aa3d15fb4ec824668f53c629619e26d2c7e362992970345d1d5ca857a8921efa8dd8cfc26f20d0c1b48b0d38b5cb29375dec478a171bc76ca2916e098c1e850829f8a947e821dcc28c287ec69ba5e44459ea9f38ffd6539181e6b3a555b347343c40e42d04a8ed930195adb364f776ae571c87039cd1c16e15b0a58a6fba6073d82637e3ffac8fd527d93bc6198608147a6cbb967fd4204de56521354f8a756f7afec8ede7e888cda2dd3f3c0f1d1ced1fb6e64ad4b01d9d57d9dd694c5fcad90caec9f566e0c71be566390914152c5efc2fafffa5ca220c19b68f70337fb5cedca9408d993fa8bc933c819fca6cb83054a81e352e6a8da528e8eb6cb2df748193f70f8893c0546a5dff2c6f7ae859ca7cfe2d40187ba0c6eebf79a0341820c1ff52d841aa20403cc8d9f77a23781aa8823b5279ae961694903e699326207599d8f8de5f63bdabd88fd328f021d30f4bd5861eaf3e516d9d95673eea9d879d8c5b054f45b77d73dd17fbd023c63f4c52724a9d5ba14fe4769a3207ba086013654c5dc1b06cb4f911b1f9c1f77d9820207e903fc6eec16a98263617ef8a25a34dcdf42e1b86e4db7dec7a658929f8f898440f3d426bead95c0b560c9e84da4b37ffddb5df4de1cb0c077e140b44ef054e39a7977a5465c07a1eadd058818ea8ade53e894bde0a2eb0093da61853b19ce7238160201273e612a1c6e16afc81bd85a73c8dc9c926e1514d0c99c894b56af7891d2994371b42777ea78f2227a4d52b1ec2896da5c15d1d988c082c3115e887b2b4bf3f893940dde70a5beff4e17210f71653c946a46686ef03438ef7da00456c6f45df4fa5750aef1876b1e7cbc5a978fb815d7762b7ece15b80a078c45a656fbd9e78b5fbda9129c04388b5d539da3b421cfc7c8211a901976acd852197615193e7e8cc3421abb310034e0602904a2917e827f8bb93f6c0950ca3857e79fd386d2d2df1ea765d64a02fcb3c612d34e9382c31fb498deaf1a90971860b88924486e152a11f4fd0bcbd0883c5a552ed64618b8716d43ae8434a73f9de8993231aa0c4f91ffe4814152a62f5a2c92107d5ec6f58089b3198ffd102e078197ecd4c9d875279d6b4492b2a75e6285f8e77a6531290850e3737edb7a0933743f3d15acec22f27c7cd66c427fc4b9be6d4b5310342487f31f5e41a789a264cad21d6b9055b8233d4599f7fca6ff65e7c5b943c6be7d9af941fd30a1b87f19a418632a7a63b99d92829a6ac6b0bc4c8a99659c8380f38a90628936b213a7700c08dbc058dbbcb929316a1d77b2a90edfacb706a2fe34ba6780ca18edc002521055e75d037c716795659296e0f8faa3b22fac50287a2d49b75b79e4944c3e60a88c3af7f7683cd81dfc0181d095311d1a960c4f016375e07aa3101da7ea4861be5d5d17da4387a58816c612e6b3a0e2f71d7611748bc5bddfb7c349e8aa39cfeab517507133edb42e1e73ceefc7f97cac3416eab026cd54434d2cbb74f25cac53d9dc81f3dcd66f6458845e5be003211eff1d90fd41a90395677c6a47a40400d28ddf846a12354cc555497aafbd386b80a32c91346cf14a91525a69c099304bbc963e4b166002ef4f21b8e7a894daf967f7ca5052103d16b2645c222a4873cdaa131590e77779871e9e41f9dc7013f5882d174c26946f260091a05a51afa126afe4027efa00f32f11b82fbc9f59df7f0e6bed76151954e7931334a84fea0087e95986a82910068d07606e15e9cdd79cb3452fee18c73005f9388d1bf77c6e833790ab268d7ff03823955e411ddccba98bc3ffee955cc3135fc883cf62b1ebf7c997f1fce3466be365458e0d4be45dffe1bd04aad33552a24c0cce8d5f86e0593436585e58c550df494159f78cfd2eb60281b0239aac4e", 0x1000}, {&(0x7f0000001980)="bb5030c89d4dd2a9e717a9cf1076fe3192e30b3e4b5f93be00dfe4478adec5b9026c78f569aa948eb6d6e50c111ffcb544a411a37c3f6853d3c29f9462b2c74f39a40c773c7503ba9389d09fa1ee01323af66625c40cfe6ca77ddfe8837ed5ddc7a599a7a2deb7ac6c99889d01511588eb6928c93c789bed700fe9d1741f728498729668dacfb7e66a2d7dfa580b368a204ef50a281d9a96f091962028903de3a48e0687cad5805a36635504cda08b4e2fee974e25c23958b9edad4c02202fdcfe7220036b07c45879f15f63c85d549e2776e71a761190223ede2a22598944058c1cb5fb12100d709f4e8d", 0xeb}, {&(0x7f0000001a80)="cda6ca82595f01e2d45eed145f998a672151d75b7825c36ca57d75093161a453620ab261aa6092794a45e9e7a9347d713913c1dd73add30f845a71ee1956281c36fed7dce39259ff6dcc4f8f2025048053aecdab5720fb7565d4e64e56350ab8e67899220ff31843a6eed4bf1a7bd037f958c4c1f0f78ea5bcea5581f436cd14932849ffc7034937319cd21f29b53e2a3f68ea0e29f691654f18d97b63c2e87817e5694ac750a843cbd8e19d35dfdd81a2a5b934318b72903b86c611bcdb2c1c3afc", 0xc2, 0x2}, {&(0x7f0000000580)="c73b32326c914f18f14a11e8aa4da5e2a03e48ece9351dbfef576cad99af4dc9e43ef7ad1e102a7d9e9782acf413ef3025f74bbb0acec2431507a82c69851a9213db8b9b6713d8b206c960e19a7ddead7ee9b0144e2fe72a34b0a0de488874589d460cfb2e45ebbf4570f7f0b8ac76", 0x6f, 0x443}, {&(0x7f0000001b80)="60ceab010c5aefdd8ea74778afee6c15471936da1e572e24ced14044c0b1ce9761e088102696f3518f377f1ed2578a9060b0cbdf048f42d781b8ca58c630cbb859a3a637826d6a76ecc2f9eaa078a822df1fe4d4146933e7e17631cd317e93923bacaebe59442d9e517e88daff5e7cd278f21b66f19744fd13d7045ba4ea7f0e4c3614190ef166194e6bab647d0ad3e668197474bff8c9f8b3a45bfca909ea066259fab91e6c186638b0de54c305d4a55985eaa8f2ba8453048dedb8472ec4138e2818cd1ca32d14ca865143d5a3439d4b6bfd303726a6e043c922", 0xdb, 0xb89f}, {&(0x7f0000001c80)="0e8a7c5cd017b936ab83ada2ff4111e5c9f6c4bcf415a5567be1844f21121135bbddd6435ce76617c0347aae5c49259dfeeacdcf2da03a7d953798a17837bdf3b51c382d6acaabe102a6f2da064b7dcc13685bc199247234623df20b105d584ed42bbe2bed47caff438c95cc51794706c7dc6405182206d77680fec2b23ed381358377019c354d852c603d93cda933bf1814eda8b39392e6d715f488e5", 0x9d, 0x4}], 0x3858020, &(0x7f0000001e40)={[{@usrquota={'usrquota', 0x3d, '/dev/snd/midiC#D#\x00'}}], [{@smackfsdef={'smackfsdef', 0x3d, '-!#\xe2'}}, {@subj_role={'subj_role', 0x3d, 'vboxnet0em0procvboxnet1GPLvmnet0wlan1'}}, {@context={'context', 0x3d, 'staff_u'}}, {@appraise_type='appraise_type=imasig'}, {@smackfstransmute={'smackfstransmute'}}, {@obj_role={'obj_role', 0x3d, 'sit0\x00'}}]}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r2, 0x6, 0x3, &(0x7f0000000100)=0x24, 0x4) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) setns(r1, 0x4000000) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:45:13 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) write$P9_RMKDIR(r1, &(0x7f0000000000)={0x14, 0x49, 0x1, {0x2, 0x1, 0x7}}, 0x14) pwritev(r1, &(0x7f0000000180)=[{&(0x7f0000000200)="c3bcd42f98fcd2aa7ef5fa8edba35b40ce5ed336e45684ab7dc81073edbe9a349dd09502a50354b7465ce61c1c8d41c5a3f3402610a84b6dc785ea1d7737c5c067eac2ed7007d2878619055e569ce77674b0102a41c87d942d43f12132133dc9043027dfd9761148a98b18ba7aad82c34aa9d04d0dd66f6b75732549ad63300b87c72a31baa63df69511b4b9f81fb45cdac27dc472775fd1eade8933f608dcfe97e99dae9ea0866e72e0bd25ab2ab6166280c6ebe576fcb0bc080b091f7f88da042e69132ecf95db2a22320435833c7cfe60d82f5726397ad523cdec477833dbd74f", 0xe2}], 0x1, 0x3) [ 2806.147828] audit: type=1800 audit(1590777912.998:1259): pid=31852 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16065 res=0 [ 2806.176624] audit: type=1800 audit(1590777913.028:1260): pid=31851 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16110 res=0 [ 2806.227098] Bluetooth: hci4: Frame reassembly failed (-84) [ 2806.234632] Bluetooth: Unknown HCI packet type 5e [ 2806.272785] audit: type=1804 audit(1590777913.028:1261): pid=31852 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/589/file0" dev="sda1" ino=16065 res=1 [ 2806.317139] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2806.348700] audit: type=1804 audit(1590777913.028:1262): pid=31852 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir665895836/syzkaller.AwSzlS/589/file0" dev="sda1" ino=16065 res=1 18:45:13 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2806.446358] audit: type=1800 audit(1590777913.118:1263): pid=31866 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16066 res=0 [ 2806.504249] Bluetooth: Unknown HCI packet type 5e [ 2806.510031] Bluetooth: Error in BCSP hdr checksum [ 2806.515387] Bluetooth: Unknown HCI packet type 43 [ 2806.517548] Bluetooth: Unknown HCI packet type 00 [ 2806.550983] audit: type=1804 audit(1590777913.128:1264): pid=31866 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/759/file0" dev="sda1" ino=16066 res=1 [ 2806.561786] Bluetooth: Unknown HCI packet type 5e 18:45:13 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2806.633573] Bluetooth: Unknown HCI packet type 50 [ 2806.644190] Bluetooth: Unknown HCI packet type 5e [ 2806.659387] minix_free_inode: bit 1 already cleared [ 2806.664257] Bluetooth: Unknown HCI packet type 40 18:45:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000180)=0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000540)=0xc) r5 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r6 = socket(0x100000000011, 0x0, 0x0) r7 = geteuid() setsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@loopback, @in6=@local, 0x4e22, 0x8000, 0x4e22, 0x0, 0x2, 0x60, 0xa0, 0x3c, 0x0, r7}, {0x5, 0x100000001, 0xffff, 0x5, 0x8, 0x6, 0x0, 0x2}, {0x10001, 0x0, 0x1, 0x3}, 0x0, 0x6e6bb8, 0x1, 0x1, 0x2, 0x2}, {{@in6=@dev, 0x0, 0x32}, 0x2, @in6=@private0, 0x3505, 0x3, 0x3, 0x9b, 0xb650, 0x40, 0x400}}, 0xe4) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r10 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@loose='loose'}, {@dfltgid={'dfltgid', 0x3d, r11}}]}}) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001bc0)=[{&(0x7f0000000040)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000000c0)=[{&(0x7f00000002c0)="6f5768e45f84a4040741ba96ff09ff8ad3def08acebc3f3525b9417337f0751d9729ca9dc1cd6786136cfc72f89f25790987008cb0ed6d2c9f0c20c28b67c78a979da0a86695d44f703a6b7159feefd4ee0fdd77201290e6c10ce435757052be03b82665f1e08e68e5465d15ad5f242a473a4d23c9adfcc4f6277607ae9b6881470db4d394b3e5f2fdab45732f83d0ac11ceb407a9fe5c4d6d3f286b00d9a0bbb7add7bd6ed768b65f9e3951ccf85ed9d70f589d69857d11bb54e96d86f5ff39a91ccf74b58332f04847e6d95cb96b2ee9d5dad9a85e0a3f9f23fd4115d512e829da9055af63baf33ccba1023cfd6a91d8a03b83b49bbccab5d5a024bb9572076d3a041cf8f5cb0dd2a22cc79106ec5237d3a6a23395bc0581d3fac7552b0c6cce5c3e89cf1cb95672c96ee994fdaad309f54b60f5e3073ac7e85f9bf524f5b9cd935d8b49aaf19814db9e2b8e2b134de72f1ec969c6fd32e96628c8457f3b2028ce486a4a13147e0a1d1e4a3f2745c55103a12aa593bef497b4f8b28d0dd05a73f05949fa9fb6cd2f704d4ddd76fbdfbd216cf3a82d3eb13d73b1d3168692228188ffe21e6286e6fa178bfc5f4717918f253e5f1f5d4b4d884f66f8341170a19cc92dd8fe938d2649c203f6fb02839d89002441405e044f3439fec8435935b213e6ecf50c14e3a9d5d5b229d29ab142dcc94e64b316e69fb944bda214a50d5b61fcc5eb71fdbefdd5ef72d71afb1ebab59fc61b37f293986b9240d8beef5746d90f75f7fb4a871473d6d57cec25a576d4512ca8594d0387341b82e41e64a8c967268aa7fb17beb03dec634679133cf36cf11e4706b1cee950c6c2614f4a4883a550137d4d0dca0574a3fc28d245090eff18591627894839384c90563ab544ddee1ba062f80c19d2619427f151b387dae1747d0a3667cc55da4f33d8b5a401927c5dcad2887c7caeeba9e50ad1065a80315eff1ff5af4848f3de4d016cb1051a4ab68a303fadc63093e5651458583cb8dce9edf686fb57844ec0c9b2926383cbab3dd3b8f5255002fb79ac2e4b14064781c7ee95f3686250e8fd41b302725669f0b487bd3b1ccc463ef2968a9a737ee46aba9a2f70ef0f7a51bf5cf8cd1934c8d785137b9f69e3dbdf516c9c92291d401cb3e91e56058927387017eb52fe0ecf5064a6dc0c13413f52d51ebee288f68169a3aa3f42b7e17486dd111edcec1aaa2e710d163dd2bea08b7c8d53673b9d7f574bf247130a134bd96e6a5153deb1d86a3da12833e0e0bb03a7352553e5884dd33a7b96460046e1bac0301c16466d546d3fffc6b42700e130787ac104c9f1e9c19b26349985af651414712a890d26824f7ac949330a2e526511288c28b277571eece02fc4fea25ee58c97f32228b3afa93632e7953cc887f59b0da6298d4240ec17317be633d68e76ac4dc3b4dd3687cf80aa0df77a4f5c6874f9a1fa1a04e58e2f13a61b87695596a4ebca9b0b151aae979398c2fe15593c55b558fb50b7bdc8fbc753d9a4b91714dd1aaff6c7db312708a9f53239af5efceb9aea850341ea999fc859f3f3b3fa8410783363efe4577e2f8e1b3d01b4b763f8b52b1afaa7d049f48d4408d06a2932cb554b42be82778ecc43ed919b1e8622aeeb5676f954862997e6fb76376814d7858b5389fcaeef735ee177ad04b184cd1e07a930523ad9458c870578821151a7f2dac90c4c4c9739d5187442638b2309113c4370931b269ba891f0d37c43669ff66762416c906672be4fd93cddd104f20c7de8a6a90294232740694f6291a3d62874c34a2a1fbf9db7eab9f863e2c2375bb71fc90f5e67e5cfa09fbd40c2423bb575665300344f9b19605354e1b8fc3bfcb84323d7c4f1049b8e1a931a836419050848bb7e1b62fb9bb3bc792aa7b491c00c66c4fc0f5cf8169e9d5d958a975b3e9e9c5ddc6c329e205d0375c039f2ec1a9a13a6e2d44e12185eff0a4c7c0676c0f182444ec27e555c702caeebab497b9e68e77460ff9e2b78eb99f31bc257f739993d5585c8a5ead074f20fb776baeaf5436edc807d17931d9d242f8e793762df3de3954afc694a53a2c4d836229ccd34464105aacba3e32c1d2c7e56af649274639022226c86633dd1c5d1b337470dd41bbb48c9b963a0ee5495d982bf8bc52229942f14fe70d422edf4914f43c21c51e9798c3c13e15ac4ec833fa7c9f7d6a986412cf092ade2af18d3a9eb92285463419d19cb58523b7c492452f73f9d88d2efda6bd6876d27378224575ca1780027ac31d5febf087a2c179af050b81d61de83c044fa83dedda2239618adf2f20b55e099b661c2fb61b2c7788adf15d096d7e4351fbbfc82e6a6b021fd20a5b85c2c18edd3fb0b8a791db04ad06703bf27954e5eaf509227a7d56d1dd3a27abf4292241f41976f6144b22a67e5c2b2faca6228a75dc1d8fc472139da25e446dc30170a57dd3c1b455dd897ab95426055682380890088215a702719afc79dddd2137dcad98976a8951e493847fc39c80ecc9928a5b7f6b92dc2816601998b078daacccb5ae66aed43fc5c286677a2a0eab5f61bf6c6d9d34db773382fe7cacbd20813edf6d548162d55739fec4fed52321ebcc68309a931ca118a56850223fc32aa06bb96846d6baa9467a0d286e8ff78a074eaf65cf5bd5dc065e510fdd212f07918fd4dd0a26269ad7d42e1d6dbef2da881bb349aebb05e14c1051c5a42db50cc4f1b080de3ac001d75c0443b8084bebe6474d46cef5e06262dda2974771c947f33fb125bbead8a3d4573cbb35d3ad6fde12e81fcaec90e82a1b6a0281eb49e146576cf893110ea14a6204327a1ebbc9d229a4fa5a0ba70a2ce044697408bdbf4d00bf5ea00274dd25bc00cca89f4d50cacbb205f511b9266933c48ff72f4b20410070526350e4c4b5fa5959012c2696ce7af61a4e2d338969e21009d993f6e1ffc3721a0927cb779d49fb685972f5d466ba30f1841cf796b263870a0873460063a770e4dc30dd2b9651f3008c1afc154d49aebaa82de40cd825c3121caab1bca8aed773370d71722ade925b8c6cae999ff592a3d624f4419c651eccd69034491e91ed4fff23eecdb5ee6571499e06423bc2a86df9451d437a09917a1ddf884e56b964ad32bf8d9333ec7ca792d957d7303f43f0ddf9d8b2d61db8b78a550462bde7be5e3bea92ac0491a417f3def4b76f99a958b86b3f790c4c71e63cc5a47e8b50f6e4bb12b348e5218d5ad9affb271422fba457c27ce22407994af4448366730ccfdb8ceb3604590fb210ab16cbf152db865c6fe31556e843acb79d6eff380773e8d9ec02831102e4ab642fdefa7929f8538a9c2ecedde93836654636942db11452d85c1d7eec3a46e34aa689601f92ee02f0506f1cf542067b9bb0f4e598e202e815598c6da9cf6e9d3d4c2b46112e580b45007bd8e8b5adcd0f08399d2fd86f62e725390a5b7b8b3a1d91f9b2200586d287e31bd4f7631e3e87b10cb8b6bde53aef44a3fe63bd8722000a15699f9d061f2409189b93e184ec59d8c1d0e957050c4e26f484b096f43b26668d2f8c7e71216d0941dbeecc66674835b8ebb9a9102a8783887d16c5109039ee88b19ac5d8a7b5da9b75161687c8d4cc92f7fe66c558a78f3076514950b2cf2e91a461896b1c9ab81dd3502fb302340bf5081248bfd4296d6e845fb8fc7616d65938c151bc6e42d5930caff1574e2f6ced8e3789d947038d10fbf489fa04df0483875ef9632a47ea1533d81ffec6ea79e1b9b110134066513533d2ff9b5f7cb7d78bb413d82d36428d15d79bdf6866d1331d45e49062146ccbe37622a1162681fe0df3ea1960f7042cdfbccef2953280e7fa15d7767baec8c0377b59562ebaa2ad2205f06cafd31d28b0d69980a94eaacbd2023e747956217a9ab66273d068b6775b60eef9b8d2731b461115a5c101b69ac64e2e5bc12080e80f81cd31e7a0e64bfb177c518e13dca0cbf710568aae1976d718443a85da75682ea902932f6bbe246a283daac6369167e34c7f02083d2422f4624937b958855ac9d7f1c3daf602f0ac77bbe2188c84acd790ac3ad2b2dc8ac7c4224891195588dbe1d18ea227cf6804926a857daec60a03200c2334f92397f9fa5bc94ea73320199cd7d21f620135d31c8ca66fa059668c2c169c52fcebb71f9327fca20938c59e28bc37439835cbbc373e482b0e433b99dcae69165c5d161bbf184ce1bd04730919f3b24d3bbbf0f79d03da76cc1dd5b57971c4e1dfaf98360408e871f96f7ac2703526bdf569f0dcf05a49b979c20a6340642f82d8a243a723d051e0ee1b7d66b1ac4fc3630b68cadbc4f0d3a43c65ef72a00bc998adaef2b90cb740c2c7cb04898e325694b37306642e635e8ee300fc103deeecf82d8f0dc13d39f8fd2b26187a40aa287eca53bf62d37a94b2aa5149964e691c10aeeeba5597d669ac0501b3aca14c74c14b9e159d9cc9fe7bb4daaef2799a637ebab7666b67b32d0cef4c6b4c70bef2538ad7f97365785406b50680495fda061b6719581bdc60cfdd1eddc645189ca329461478614f964f87ac45759f700a66b075c3f34600854ba81f3f3023c6b3481aefd47515223294dbd2484b2918ca9cb72d75a217b05440c7f151a8a514d141a9b73b5c49ec262eb47675426e5f9d8d8f288736b190cc5e1645b57095e17a5604d6a047914d3158e50aeb3a35b44182444b058e9252309f9c6473e138d8ceb66c35dfa4f315ac8a5dfb78919e0a27710150857544d897b98ff98db76e841e57937f78fffccae61c7c0861473e2001bbdf098091ddce94ab25aaa9e316c82609f25caa0636a715ea364cd108c3f33bea8e3812a669c8129473e3e383a18598f6119324ef94163de9ce64c288da4e88fc16868f3a42ab1ed0d9517eee820d2ad0191c0381040de4ed5489f67e728ffb5f8fb41dd89aa9e0bf95007837572e223226288a665dcb8e3411b2126f3c470bac6ba2d9ded0de60d9d7fbfbd512fb283cadfcf0822ebe10049a3e8d7dcf3177de3d50c6ce74468e3f678a14ae0ea59335b35ae4be7509bbca9141ef822eff07d6a32af26f5fde2efe6d6814053de8017d4e354292927cc90cad7229fd630dba9e66047bd3bdeb9795f9d8cdf8d6b4b81ceaf23d75cf8e92117b9a5cce1b9e16f6f9e716acd04ebbc437e97f22f38de374b747c46c56de9248d79b8a2c831291ceb7a15f6302edf7e8a201415a870659c0ae014e76c4cd26a18774dff3b18062912390a0e61cde1f2b14e47d4cd98476f7b66a35e21dcd4fc17b3aab153ceb293b8f07c65928ea7780f2563d931fbf04bc9b1dc9bb7554a86c747fbf6aa0e18190eced8ef5de10f88b135e1d6eefeb496f3733ac4d345932678eee7c3524fd014393b7551c5e8f8dfd137804d2965be4a12441d9281e1a9615dbbd0fb41e190c53ab874e2acf0a4563e9d0720348e23722b677a007918272fad0a5a34d1df874b8aab3e75a42e6bd90fe0f2adf12344f64559150c5bfe40a5c1c7f1b2c58643247456228ff069beca857311ae2bf95e42bddaa2ea7ea1197a0df1323a4e7350037bfbcd666be976e3ebd5b7cb2f551c8fdf487564288af7855d42aa2df64be775b112376835f6c76b69b153c4e87dfe7f610ac909db0f2fa8b33863bbb7ceb305601470c13a0a268657c251db1dd52f51b88290dfd003ed4bdcdc36f01964ba982e4adc4237397f91c4057f350f049e7933411dd230c0c0ab6ffe5e6e7bd68e75fe5b67deee8432a1bc90dccfe425fcd1a5f9748591a437cd27719e6876", 0x1000}], 0x1, 0x0, 0x0, 0x10}, {&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000180)="c35edabe64d3e5715fc3fbe5a549ea2d5805670d6025c4af6cc8ac648362522b5ab36061862eb5", 0x27}], 0x1, &(0x7f0000001540)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5]}}, @rights={{0x24, 0x1, 0x1, [r5, r5, r5, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r5, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf0, 0x40008}, {&(0x7f0000001600)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001680)="76f0eb8ba89e82ec72eeb275e327cdd7b38a8ae6eb5a1f8b4580afab14b01554a61b132381775421d11b94", 0x2b}, {&(0x7f00000016c0)="1b60ef7c4eaf91ee859dc673499c12698b0280af4905c2a1cbdc5bd8564f3b3a7a2cf9d351ec3c02185e5a6a855203f24ab8e4beef17bd46dd56dff05089152ff302de40135f69db7fe4a4aaba64cde135b9b0fde14608258ac4bc6076c7813d05b6e70593d90270e885c6ed992c13adeeccdc3bb74df2e1c09640f1f3e104eae25b5d2dcda15897149cd678dc74abc17470d744e1de87c180605e4cbc1d91ee254c8d04bce12992c619a49510b1a492b86545748943a74748d9c32f79408957dfd70036431de43d1a1fd6ed5239aa87cb015f83dbe204354a18dde175ad", 0xde}, {&(0x7f00000017c0)="c4fe9f834f655af8dfe5898f29f701d2ef0310dc2389800adc25bd1cb2dbb0afd2be016a290f028149403d29f80989148c16b4d9da31469936cbcff444f15de7f52a887b47bce14640e3fecbf51f3be9cfda384add44d84f0ddf8d79facd4674f08614b075fc44ea0fd361c895ab57be8dca3c36b9c0e6ac63890fef0b77e806fa61284244d8fe5ff48166e7cd9658476801026f581902a04b7d2056cd2ed2d76244", 0xa2}, {&(0x7f0000001880)="01", 0x1}, {&(0x7f0000001980)="365eb6389e10c66bacb717d0e5d2ea869d8d22f6c2ff0bbef495420f6a33bedf1f185a011edcb5d471b771e3c54b4a464215cfc2f58184f027dabb9b10079112415e36d22719ba93633369e9eb568c5d6bca7c9f60c7b0be2b668446af8c2dcd2f846742d8b927e0c7ad8e7c48032b114a", 0x71}], 0x5, &(0x7f0000001b80)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r5, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r7, r11}}}], 0x48, 0x4c000}], 0x3, 0x4004090) sendmmsg$unix(r2, &(0x7f0000000600)=[{&(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000280)="11347489cc2e16696c94348b13fe2256f5d4f28f0c6e3f2e91e50cbbc35652b789f4fbd121b125b14cb845a5ab855f136c5ac44a1edd31be82f13de9c20e68471121bf538f6b", 0x46}, {&(0x7f0000000300)="3aba4c5a6942d61ec03897192e32bfcf501949eaec6839f0bbb7d706a6ce96b6331a67a231d5ef07d7b25d625078ad7ef710441ab8404f6d7e69e961fb7f23fe0859fc5ea2ec163f325fb14a77d490cb28aff7fec85ce2ff998d59800dba024a63efbc51db38f9bd42db3349b67de00899c82ffac0b707a281ef4bddc812707789e4f6470fa05d6df0ecfc79200902a6640c", 0x92}, {&(0x7f00000003c0)="44f0085db902237dac9bf835336db0d09b5d80bbf6f6ecab6ada4d8e67dfe913ec78ff7a58d270c75741a499aff660491f92f5a00e3f90baa1f16eacb6299e7630668bf7174e4335018e593b8f3983a0fc6999eeabacab981b5cf3c6a5c90443ff9b0983c536eaea2aad5833c8539c09df8ad6d1f729ad04c258c3a26c35", 0x7e}, {&(0x7f00000004c0)="0593f3efd094ecd9b1b4cadff5ec462c3797c4f29b2d8a524c5ec6a707263c6672c09dd95760b608be0965132cd25c7ee443aea47991ad6846a8e825d03324635300021fcfb81cff5ba9d186", 0x4c}], 0x4, &(0x7f0000000580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r3, r4, r11}}}], 0x60, 0x80}], 0x1, 0x80040) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r2, r2, &(0x7f0000000480), 0xa198) [ 2806.768165] Bluetooth: Error in BCSP hdr checksum [ 2806.768357] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:45:13 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4068aea3, &(0x7f0000000200)={0x7b, 0x0, [0x3f, 0x9, 0x3f, 0x3a0a]}) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000340)={0x0, 0x1c, "c5dd1f3c2dae74a3b2e813363408ace08c20df279f662d5a3a3a9afd"}, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="75e78a0800000000000000015d85bebbdfc7ce347bb4"], 0x4c}}, 0x0) write$sndseq(r3, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) sendfile(r2, r2, &(0x7f0000000480), 0xa198) 18:45:13 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2806.919122] minix_free_inode: bit 1 already cleared [ 2806.977709] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2807.038244] Bluetooth: Error in BCSP hdr checksum [ 2807.046400] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2807.189326] minix_free_inode: bit 1 already cleared [ 2807.194468] minix_free_inode: bit 1 already cleared [ 2807.311672] Bluetooth: Error in BCSP hdr checksum [ 2807.568059] Bluetooth: Error in BCSP hdr checksum [ 2807.598233] Bluetooth: hci3 command 0x1003 tx timeout [ 2807.603566] Bluetooth: hci3 sending frame failed (-49) [ 2807.828055] Bluetooth: Error in BCSP hdr checksum [ 2808.088200] Bluetooth: Error in BCSP hdr checksum [ 2808.237902] Bluetooth: hci5 command 0x1003 tx timeout [ 2808.243295] Bluetooth: hci4 command 0x1003 tx timeout [ 2808.243379] Bluetooth: hci5 sending frame failed (-49) [ 2808.250183] Bluetooth: hci4 sending frame failed (-49) [ 2808.317827] Bluetooth: hci6 command 0x1003 tx timeout [ 2808.323363] Bluetooth: Error in BCSP hdr checksum [ 2808.557889] Bluetooth: hci7 command 0x1003 tx timeout [ 2808.563320] Bluetooth: hci7 sending frame failed (-49) [ 2808.578066] Bluetooth: Error in BCSP hdr checksum [ 2808.838068] Bluetooth: Error in BCSP hdr checksum [ 2809.097940] Bluetooth: Error in BCSP hdr checksum [ 2809.103189] Bluetooth: Error in BCSP hdr checksum [ 2809.358010] Bluetooth: Error in BCSP hdr checksum [ 2809.618237] Bluetooth: Error in BCSP hdr checksum [ 2809.677883] Bluetooth: hci3 command 0x1001 tx timeout [ 2809.683266] Bluetooth: hci3 sending frame failed (-49) [ 2809.878051] Bluetooth: Error in BCSP hdr checksum [ 2810.138042] Bluetooth: Error in BCSP hdr checksum [ 2810.317765] Bluetooth: hci4 command 0x1001 tx timeout [ 2810.317785] Bluetooth: hci5 command 0x1001 tx timeout [ 2810.323082] Bluetooth: hci4 sending frame failed (-49) [ 2810.333788] Bluetooth: hci5 sending frame failed (-49) [ 2810.397755] Bluetooth: hci6 command 0x1001 tx timeout [ 2810.403224] Bluetooth: Error in BCSP hdr checksum [ 2810.409161] Bluetooth: Error in BCSP hdr checksum [ 2810.414063] Bluetooth: Error in BCSP hdr checksum [ 2810.637812] Bluetooth: hci7 command 0x1001 tx timeout [ 2810.643299] Bluetooth: hci7 sending frame failed (-49) [ 2810.658003] Bluetooth: Error in BCSP hdr checksum [ 2810.663484] Bluetooth: Error in BCSP hdr checksum [ 2810.917978] Bluetooth: Error in BCSP hdr checksum [ 2810.923166] Bluetooth: Error in BCSP hdr checksum [ 2811.177892] Bluetooth: Error in BCSP hdr checksum [ 2811.182810] Bluetooth: Error in BCSP hdr checksum [ 2811.438122] Bluetooth: Error in BCSP hdr checksum [ 2811.443132] Bluetooth: Error in BCSP hdr checksum [ 2811.697929] Bluetooth: Error in BCSP hdr checksum [ 2811.702971] Bluetooth: Error in BCSP hdr checksum [ 2811.767937] Bluetooth: hci3 command 0x1009 tx timeout [ 2811.957887] Bluetooth: Error in BCSP hdr checksum [ 2811.962912] Bluetooth: Error in BCSP hdr checksum [ 2812.217828] Bluetooth: Error in BCSP hdr checksum [ 2812.222934] Bluetooth: Error in BCSP hdr checksum [ 2812.397678] Bluetooth: hci5 command 0x1009 tx timeout [ 2812.402953] Bluetooth: hci4 command 0x1009 tx timeout [ 2812.477643] Bluetooth: hci6 command 0x1009 tx timeout [ 2812.479428] Bluetooth: Error in BCSP hdr checksum [ 2812.487850] Bluetooth: Error in BCSP hdr checksum [ 2812.717628] Bluetooth: hci7 command 0x1009 tx timeout [ 2812.738019] Bluetooth: Error in BCSP hdr checksum [ 2812.742971] Bluetooth: Error in BCSP hdr checksum [ 2812.997960] Bluetooth: Error in BCSP hdr checksum [ 2813.002886] Bluetooth: Error in BCSP hdr checksum [ 2813.257893] Bluetooth: Error in BCSP hdr checksum [ 2813.262815] Bluetooth: Error in BCSP hdr checksum [ 2813.517856] Bluetooth: Error in BCSP hdr checksum [ 2813.522771] Bluetooth: Error in BCSP hdr checksum [ 2813.777842] Bluetooth: Error in BCSP hdr checksum [ 2813.782781] Bluetooth: Error in BCSP hdr checksum [ 2814.037846] Bluetooth: Error in BCSP hdr checksum [ 2814.042849] Bluetooth: Error in BCSP hdr checksum [ 2814.297796] Bluetooth: Error in BCSP hdr checksum [ 2814.302722] Bluetooth: Error in BCSP hdr checksum [ 2814.557642] Bluetooth: Error in BCSP hdr checksum [ 2814.562559] Bluetooth: Error in BCSP hdr checksum [ 2814.817891] Bluetooth: Error in BCSP hdr checksum [ 2814.822915] Bluetooth: Error in BCSP hdr checksum [ 2815.077594] Bluetooth: Error in BCSP hdr checksum [ 2815.082511] Bluetooth: Error in BCSP hdr checksum [ 2815.337904] Bluetooth: Error in BCSP hdr checksum [ 2815.342917] Bluetooth: Error in BCSP hdr checksum 18:45:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:22 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2815.597799] Bluetooth: Error in BCSP hdr checksum [ 2815.618574] Bluetooth: Error in BCSP hdr checksum [ 2815.647996] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2815.661278] minix_free_inode: bit 1 already cleared [ 2815.670070] Bluetooth: Unknown HCI packet type 00 [ 2815.670191] Bluetooth: Unknown HCI packet type 5e [ 2815.857481] Bluetooth: Error in BCSP hdr checksum [ 2815.862544] Bluetooth: Error in BCSP hdr checksum [ 2816.117566] Bluetooth: Error in BCSP hdr checksum [ 2816.122526] Bluetooth: Error in BCSP hdr checksum 18:45:23 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xe) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x40982, 0x0) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000080)={0x9, 0x80, 0x6, 0x1, 0x0, "baf92dd05a702109"}) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2816.537432] Bluetooth: Short BCSP packet [ 2816.797877] Bluetooth: Error in BCSP hdr checksum 18:45:23 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x20000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00'}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x2, 0x2, 0x401, 0x0, 0x0, {0x4, 0x0, 0x4}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xdb4}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x406}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0xffffffff}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_EXPECT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x4c1}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004014}, 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = fcntl$dupfd(r4, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'\x00', 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r8, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) dup2(r7, r8) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:23 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:23 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:45:23 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) ftruncate(r1, 0x8) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) [ 2816.946770] kauditd_printk_skb: 15 callbacks suppressed [ 2816.946781] audit: type=1800 audit(1590777923.798:1280): pid=31957 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16128 res=0 [ 2816.952043] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2816.959212] audit: type=1804 audit(1590777923.818:1281): pid=31957 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/762/file0" dev="sda1" ino=16128 res=1 [ 2816.979496] Bluetooth: Unknown HCI packet type 5e [ 2817.021508] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:45:23 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r1, 0x0, r0, 0x0, 0x20000038, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000180)={0xfffffffc, 0xa8d, 0x80}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x141001, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x4) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$inet6_buf(r3, 0x29, 0x2e, &(0x7f0000000080)=""/114, &(0x7f0000000100)=0x72) r5 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r5, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r5, &(0x7f0000000d00), 0x400004e, 0x0) r7 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r5, 0x114, 0x7, &(0x7f0000000340)={@pppol2tpv3in6={0x18, 0x1, {0x0, r7, 0x1, 0x1, 0x2, 0x1, {0xa, 0x4e20, 0x3, @remote, 0x78ef}}}, {&(0x7f0000000240)=""/224, 0xe0}, &(0x7f0000000140), 0x2}, 0xa0) prctl$PR_CAPBSET_READ(0x17, 0x9f55) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) [ 2817.057526] Bluetooth: Error in BCSP hdr checksum [ 2817.098567] Bluetooth: Unknown HCI packet type 00 [ 2817.122985] minix_free_inode: bit 1 already cleared [ 2817.156770] Bluetooth: Unknown HCI packet type 5e [ 2817.162329] Bluetooth: Unknown HCI packet type 43 [ 2817.166552] Bluetooth: Unknown HCI packet type 43 [ 2817.173239] Bluetooth: Unknown HCI packet type 5e [ 2817.187249] Bluetooth: Unknown HCI packet type 50 [ 2817.192283] Bluetooth: Unknown HCI packet type 5e [ 2817.198845] Bluetooth: Unknown HCI packet type 5e 18:45:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2817.207996] Bluetooth: Unknown HCI packet type 40 [ 2817.214144] audit: type=1804 audit(1590777924.069:1282): pid=31965 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/762/file0" dev="loop0" ino=1 res=1 [ 2817.228941] Bluetooth: Unknown HCI packet type 50 18:45:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) statx(r1, &(0x7f0000000440)='.\x00', 0x4000, 0x4, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$xfs(&(0x7f0000000100)='xfs\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x3, &(0x7f00000003c0)=[{&(0x7f0000000200)="df5f5dc0b234e1e4d74f27d9acef777e25597fd9cd23ff76ac06d7b2c4d6365e57e12890385ac407496cc5ccdb3f73b20cc043603766c862d7d9a7c6d76f1d4dbefef947e4f571b390b5e2d8859da99430b727f0bf4cf3b16c522c2a030b3e889d7c0be2420b8d9c97e266bb4efcf88d0dab47d7cc306b5acc52bb1dc2ef7175740523057b2fde23fee287038e67f5434d06bb90a7e6b5e1d4a3c60d483552", 0x9f, 0xdd}, {&(0x7f00000002c0)="34be07711f99cfc45a173973b188905c1c485b445c1fd825ab6432812be5f2c4b7af421f0adcfecf53b69204c750887b9dbe281e5dddb822ac0d4110005d8919d3d6254a69bf3863b89c15801f66cba14cfafa367de7b1fc82f4accd58", 0x5d}, {&(0x7f0000000340)="f1792b07f5acc2d18e0b4e63a9e0fbd044bc7feb2a1fe63eff2ee1e01a1f71ec8701e9e050f628506f1ee80afbd3acb74ad17739002aa6eb905f026b5aeb2bcb685c2df246", 0x45, 0x6799}], 0x100000, &(0x7f0000000c80)=ANY=[@ANYBLOB="7773796e632c67716e6f656e666f7263652c62736467726f7570732c6e6f757569642c6e6f6c617a7974696d652c736d61636b66736861743d6d696e6978002c646f6e745f6d6561737572652c61707072616973655f747970653d696d617369672c6f626a5f7573653af499f8723d6d696e6978002c657569643dfe4d73b7edc755f78f0e89d8b8cb55d799f85817082a70b51aec5bb5cb38736c77c203ff05ee00c51daabcac24224f95bdec709c779c4cd0ba4bd22f3b87e70517e593d412931de45e4b42f311975daec8650e273f60c9c53864baf11d9952c9e7c8c8553d3b42145cfea1a54bfb9dc5a123049a87ae4c54d1fcfc52d261a31150fbc5", @ANYRESDEC=r2, @ANYBLOB="3d664461d425b17af00b4e35cfe7d17346dacabb1e242f870d4f78220b60d3f1ba14765d9d891f7f16db188ba2ed96a8c86f92f7f617d347b94157c03b2bc6455f6f3471154981ed582f7c858593e33354db49571d4c63769e1dbc96c9fb080cd9ebd611a65ba4f5afeaf452be157262801b999e748731fddf8e"]) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0x80000001) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nvram\x00', 0x200001, 0x0) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000600)='/dev/autofs\x00', 0x40000, 0x0) ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000a40)={[{0x401, 0xdc3, 0x0, 0x9, 0xff, 0x3, 0x4, 0x0, 0x4, 0x1, 0x40, 0x8, 0x41}, {0x2, 0x5c, 0x0, 0x1f, 0x9, 0x80, 0x4, 0xe0, 0xdd, 0x2, 0x79, 0x7, 0x1}, {0x3, 0x9, 0xec, 0x5, 0x1, 0x8, 0xff, 0x9, 0x7, 0x5, 0x3, 0x3, 0x6287cdee}], 0x9}) ioctl$SNDRV_PCM_IOCTL_STATUS64(r3, 0x80984120, &(0x7f0000000980)) r5 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) sendfile(r5, r5, &(0x7f0000000480), 0xa198) [ 2817.271678] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2817.291762] Bluetooth: Unknown HCI packet type 5e [ 2817.292388] minix_free_inode: bit 1 already cleared [ 2817.318628] Bluetooth: Unknown HCI packet type 00 [ 2817.334349] Bluetooth: Unknown HCI packet type 40 [ 2817.340570] minix_free_inode: bit 1 already cleared 18:45:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2817.395229] audit: type=1800 audit(1590777924.249:1283): pid=31999 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15778 res=0 [ 2817.451949] audit: type=1804 audit(1590777924.289:1284): pid=31999 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/763/file0" dev="sda1" ino=15778 res=1 [ 2817.497725] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:45:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x17, &(0x7f0000000000)=0x80, 0x4) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r3, r3, &(0x7f0000000480), 0xa198) [ 2817.544423] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2817.582901] audit: type=1800 audit(1590777924.389:1285): pid=32010 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16129 res=0 [ 2817.625815] audit: type=1804 audit(1590777924.399:1286): pid=32014 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/763/file0" dev="loop0" ino=1 res=1 [ 2817.657845] minix_free_inode: bit 1 already cleared [ 2817.677292] Bluetooth: hci3 command 0x1003 tx timeout [ 2817.683613] Bluetooth: hci3 sending frame failed (-49) [ 2817.712659] audit: type=1800 audit(1590777924.569:1287): pid=32018 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16112 res=0 [ 2817.744752] audit: type=1804 audit(1590777924.569:1288): pid=32018 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/764/file0" dev="sda1" ino=16112 res=1 [ 2817.790464] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2817.798460] minix_free_inode: bit 1 already cleared [ 2817.941434] audit: type=1804 audit(1590777924.799:1289): pid=32024 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/764/file0" dev="loop0" ino=1 res=1 [ 2818.097906] minix_free_inode: bit 1 already cleared [ 2818.317099] Bluetooth: hci5 command 0x1003 tx timeout [ 2818.322466] Bluetooth: hci5 sending frame failed (-49) [ 2818.328957] Bluetooth: hci4 command 0x1003 tx timeout [ 2818.334266] Bluetooth: hci4 sending frame failed (-49) [ 2819.037124] Bluetooth: hci6 command 0x1003 tx timeout [ 2819.042460] Bluetooth: hci6 sending frame failed (-49) [ 2819.197161] Bluetooth: hci7 command 0x1003 tx timeout [ 2819.202517] Bluetooth: hci7 sending frame failed (-49) [ 2819.756956] Bluetooth: hci3 command 0x1001 tx timeout [ 2819.762291] Bluetooth: hci3 sending frame failed (-49) [ 2820.397017] Bluetooth: hci4 command 0x1001 tx timeout [ 2820.397021] Bluetooth: hci5 command 0x1001 tx timeout [ 2820.397992] Bluetooth: hci5 sending frame failed (-49) [ 2820.402443] Bluetooth: hci4 sending frame failed (-49) [ 2821.116983] Bluetooth: hci6 command 0x1001 tx timeout [ 2821.122334] Bluetooth: hci6 sending frame failed (-49) [ 2821.287056] Bluetooth: hci7 command 0x1001 tx timeout [ 2821.292438] Bluetooth: hci7 sending frame failed (-49) [ 2821.837023] Bluetooth: hci3 command 0x1009 tx timeout [ 2822.476889] Bluetooth: hci5 command 0x1009 tx timeout [ 2822.486910] Bluetooth: hci4 command 0x1009 tx timeout [ 2823.196893] Bluetooth: hci6 command 0x1009 tx timeout [ 2823.356821] Bluetooth: hci7 command 0x1009 tx timeout 18:45:32 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x18000, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r2, 0x800455d1, &(0x7f0000000000)) 18:45:32 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2825.883500] audit: type=1800 audit(1590777932.739:1290): pid=32038 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16117 res=0 [ 2825.921979] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2825.926110] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2825.963887] audit: type=1800 audit(1590777932.769:1291): pid=32037 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16122 res=0 [ 2826.026017] audit: type=1804 audit(1590777932.769:1292): pid=32037 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/765/file0" dev="sda1" ino=16122 res=1 [ 2826.108016] minix_free_inode: bit 1 already cleared [ 2826.157585] minix_free_inode: bit 1 already cleared 18:45:33 executing program 1: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r1, 0x0, r0, 0x0, 0x20000038, 0x0) ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000000)={0x5, "4aa67a156f2e30312416aaf92ea9a4f0a1c494ae07b961eba4dcfc0e94fe5752"}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x0) ioctl$KDADDIO(r2, 0x400455c8, 0x0) [ 2826.535435] Bluetooth: hci3: Frame reassembly failed (-84) 18:45:34 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x20000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00'}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x2, 0x2, 0x401, 0x0, 0x0, {0x4, 0x0, 0x4}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xdb4}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x406}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0xffffffff}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_EXPECT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x4c1}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004014}, 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = fcntl$dupfd(r4, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'\x00', 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r8, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) dup2(r7, r8) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:34 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) statx(r1, &(0x7f0000000440)='.\x00', 0x4000, 0x4, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$xfs(&(0x7f0000000100)='xfs\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x3, &(0x7f00000003c0)=[{&(0x7f0000000200)="df5f5dc0b234e1e4d74f27d9acef777e25597fd9cd23ff76ac06d7b2c4d6365e57e12890385ac407496cc5ccdb3f73b20cc043603766c862d7d9a7c6d76f1d4dbefef947e4f571b390b5e2d8859da99430b727f0bf4cf3b16c522c2a030b3e889d7c0be2420b8d9c97e266bb4efcf88d0dab47d7cc306b5acc52bb1dc2ef7175740523057b2fde23fee287038e67f5434d06bb90a7e6b5e1d4a3c60d483552", 0x9f, 0xdd}, {&(0x7f00000002c0)="34be07711f99cfc45a173973b188905c1c485b445c1fd825ab6432812be5f2c4b7af421f0adcfecf53b69204c750887b9dbe281e5dddb822ac0d4110005d8919d3d6254a69bf3863b89c15801f66cba14cfafa367de7b1fc82f4accd58", 0x5d}, {&(0x7f0000000340)="f1792b07f5acc2d18e0b4e63a9e0fbd044bc7feb2a1fe63eff2ee1e01a1f71ec8701e9e050f628506f1ee80afbd3acb74ad17739002aa6eb905f026b5aeb2bcb685c2df246", 0x45, 0x6799}], 0x100000, &(0x7f0000000c80)=ANY=[@ANYBLOB="7773796e632c67716e6f656e666f7263652c62736467726f7570732c6e6f757569642c6e6f6c617a7974696d652c736d61636b66736861743d6d696e6978002c646f6e745f6d6561737572652c61707072616973655f747970653d696d617369672c6f626a5f7573653af499f8723d6d696e6978002c657569643dfe4d73b7edc755f78f0e89d8b8cb55d799f85817082a70b51aec5bb5cb38736c77c203ff05ee00c51daabcac24224f95bdec709c779c4cd0ba4bd22f3b87e70517e593d412931de45e4b42f311975daec8650e273f60c9c53864baf11d9952c9e7c8c8553d3b42145cfea1a54bfb9dc5a123049a87ae4c54d1fcfc52d261a31150fbc5", @ANYRESDEC=r2, @ANYBLOB="3d664461d425b17af00b4e35cfe7d17346dacabb1e242f870d4f78220b60d3f1ba14765d9d891f7f16db188ba2ed96a8c86f92f7f617d347b94157c03b2bc6455f6f3471154981ed582f7c858593e33354db49571d4c63769e1dbc96c9fb080cd9ebd611a65ba4f5afeaf452be157262801b999e748731fddf8e"]) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0x80000001) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nvram\x00', 0x200001, 0x0) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000600)='/dev/autofs\x00', 0x40000, 0x0) ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000a40)={[{0x401, 0xdc3, 0x0, 0x9, 0xff, 0x3, 0x4, 0x0, 0x4, 0x1, 0x40, 0x8, 0x41}, {0x2, 0x5c, 0x0, 0x1f, 0x9, 0x80, 0x4, 0xe0, 0xdd, 0x2, 0x79, 0x7, 0x1}, {0x3, 0x9, 0xec, 0x5, 0x1, 0x8, 0xff, 0x9, 0x7, 0x5, 0x3, 0x3, 0x6287cdee}], 0x9}) ioctl$SNDRV_PCM_IOCTL_STATUS64(r3, 0x80984120, &(0x7f0000000980)) r5 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) sendfile(r5, r5, &(0x7f0000000480), 0xa198) 18:45:34 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) 18:45:34 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x4204c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x7, 0x5, &(0x7f0000000340)=[{&(0x7f0000000200)="2ac44427e1682c9eab150142e006b15097737fc6ef3124bf9a73fb62210a3942e9efe81517c4a279c170c6a0777f3021e79a81a49982bd6a386ed13cc03c8831b4e0a9d06be9f88859599be3961900b2ef710c853efb568768054c8033f16000a23a097672704f9b247e3cb8832326f9a70e31f8810f0daea6f46578aed05745a27732e3940e9f69669967646c5c62d9bb29c6d20f4bfcc93b013319700ae7eca60f3c92300e7f26054f61c652cd4930", 0xb0, 0x9}, {&(0x7f0000000180)="b400f4419fc88c41b6d700426a7d6e5a012df71017a98bd5", 0x18, 0x84e}, {0x0, 0x0, 0x7}, {&(0x7f00000002c0)="ddd5fc3f481a0a435f1453a04c42a23954d844a3ca61a642656b6dc7f04092e1b788ae387a434aedabf7b00a2cafb920da", 0x31, 0x3}, {&(0x7f0000000300)="76461c814b947e2e90000001006e90f449409cbaf8daa4b997bd235057407e9acec738f8d8a8dcf2c2", 0x29}], 0x800020, &(0x7f00000003c0)={[{@commit={'commit', 0x3d, 0x7}}, {@grpquota='grpquota'}, {@hash_rupasov='hash=rupasov'}, {@hash_tea='hash=tea'}, {@noattrs='noattrs'}, {@notail='notail'}, {@noquota='noquota'}], [{@measure='measure'}]}) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f00000005c0)) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcc92cee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x145842, 0x147) r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000500)='/dev/nvme-fabrics\x00', 0x400, 0x0) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x0, 0x40) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f00000004c0)='9p\x00', 0x2000, &(0x7f0000000980)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB="00000000bd864235fe1ec5077218d5e60e6e4902fa8880386b585dd7a11bf4dd90133b004884cef41bffca83a54e4439afc09478f9d1a7770c76b1cffe8ee78ba60f7d6f60d57c3ff6ff0f02dda107cfcc49e2cd12cf79a8fb1efa730a24a95107beecce0f0016a235ef8094e3e8fc2b038b64faac84925e1b00"/138, @ANYRESHEX=r3, @ANYBLOB=',noextend,access=any,uid<', @ANYRESDEC=r6, @ANYBLOB=',\x00']) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2827.253296] audit: type=1800 audit(1590777934.109:1293): pid=32077 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15969 res=0 [ 2827.284351] Bluetooth: Unknown HCI packet type 5e [ 2827.291010] Bluetooth: Unknown HCI packet type 43 [ 2827.298655] print_req_error: I/O error, dev loop0, sector 0 [ 2827.312797] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2827.314657] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2827.333500] minix_free_inode: bit 1 already cleared [ 2827.337797] Bluetooth: Unknown HCI packet type 5e [ 2827.350622] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2827.372839] Bluetooth: Unknown HCI packet type 50 [ 2827.373595] audit: type=1800 audit(1590777934.149:1294): pid=32079 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.4" name="file0" dev="sda1" ino=15985 res=0 [ 2827.405812] Bluetooth: Unknown HCI packet type 5e [ 2827.412315] Bluetooth: Unknown HCI packet type 00 [ 2827.437674] Bluetooth: Unknown HCI packet type 40 [ 2827.506939] minix_free_inode: bit 1 already cleared [ 2827.542880] audit: type=1804 audit(1590777934.149:1295): pid=32079 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir136762549/syzkaller.XFJfnY/551/file0" dev="sda1" ino=15985 res=1 [ 2827.627015] minix_free_inode: bit 1 already cleared 18:45:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x1a0, 0x1, 0x3, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFQA_VLAN={0x54, 0x13, 0x0, 0x1, [@NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x400}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x400}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x3}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x6}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}]}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x3}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x4}, @NFQA_VLAN={0x2c, 0x13, 0x0, 0x1, [@NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x3}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x8}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x7}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x1}]}, @NFQA_VLAN={0x3c, 0x13, 0x0, 0x1, [@NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0xccb7}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x1}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x4}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x2}]}, @NFQA_PAYLOAD={0x86, 0xa, "145aee46a936ff86f34c54e3624188957b37d8c1314b4b4bbc618b1d460c35b3a96f794403ca8e50804d9da7f77d207bf737bb5c00f023503a8fd8350c3a975f04f54ffbe38779140b19e19e81bbc9856935c293435b5ca3f2297342142c7ca6b81404f7d62f6952ceb8b58c531804a8ce754e1e07a6389acb09452d1a562660a5ef"}, @NFQA_PAYLOAD={0x36, 0xa, "87ed26367a26a06b6f7a53f11e2033c0cb29bee333e86389f3eeaaab29b0b3872b9da578a629438b13e198d425871d114c26"}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x801}, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x20000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00'}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x2, 0x2, 0x401, 0x0, 0x0, {0x4, 0x0, 0x4}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xdb4}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x406}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0xffffffff}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_EXPECT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x4c1}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004014}, 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = fcntl$dupfd(r4, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'\x00', 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r8, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) dup2(r7, r8) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:34 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000000)) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r2, r2, &(0x7f0000000480), 0xa198) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) setsockopt(r2, 0x1, 0xfffffff8, &(0x7f0000000300)="09b7e70e415ce0d11a3d8f6ad17715fa40a910e5fe096fd1bb59a848986a501693f4bf706b1e8fab723a7a1bf38910fe617e273f2fa026431ec32663eef6af923e210892a81ca02c", 0x48) sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="486a6844687d329e1f69fb54512ed694a94c7ade1ee06f9267ea383299adbea5bd948c28990853119fc389c3d7b130cba5e6e3a37c4f4f7de0d3261b539e68c248a1e105c0d9aa3b33cfe5b25c862c6710", 0x51}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="680000000000000009010000000800005e92aa581cdb0e996a40cbf80558c144a90cd1ae0f1bd6c4c81c087186ede8a68077d64132d2fb24e97c4a4528812fb1eae98871b049e4e8517e60cc40978f6267a9b5c5ec3f4e616e41264b28e11bdb76f5be61c6000000"], 0x68}}], 0x1, 0x40040040) 18:45:34 executing program 2: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2827.894089] audit: type=1800 audit(1590777934.749:1296): pid=32124 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16003 res=0 [ 2827.907557] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2827.927875] Bluetooth: Unknown HCI packet type 5e [ 2827.932760] Bluetooth: Unknown HCI packet type 43 [ 2827.940518] Bluetooth: Unknown HCI packet type 5e [ 2827.945953] Bluetooth: Unknown HCI packet type 43 [ 2827.948863] Bluetooth: Unknown HCI packet type 5e [ 2827.958280] Bluetooth: Unknown HCI packet type 00 [ 2827.960157] Bluetooth: Unknown HCI packet type 50 [ 2827.970154] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2827.980280] Bluetooth: Unknown HCI packet type 5e [ 2828.023283] Bluetooth: Unknown HCI packet type 5e [ 2828.029271] Bluetooth: Unknown HCI packet type 50 [ 2828.034092] Bluetooth: Unknown HCI packet type 00 [ 2828.042400] audit: type=1800 audit(1590777934.749:1297): pid=32126 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16017 res=0 [ 2828.050816] Bluetooth: Unknown HCI packet type 40 [ 2828.088297] Bluetooth: Unknown HCI packet type 5e [ 2828.122534] Bluetooth: Unknown HCI packet type 40 18:45:35 executing program 2: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2828.161836] audit: type=1804 audit(1590777934.749:1298): pid=32124 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/767/file0" dev="sda1" ino=16003 res=1 [ 2828.246467] minix_free_inode: bit 1 already cleared [ 2828.284010] audit: type=1804 audit(1590777935.139:1299): pid=32147 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/767/file0" dev="loop0" ino=1 res=1 [ 2828.300175] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:45:35 executing program 2: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2828.457565] minix_free_inode: bit 1 already cleared 18:45:35 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x7, 0x0, &(0x7f00000001c0), 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x60, 0x2, 0x3, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x4}, @NFQA_CFG_QUEUE_MAXLEN={0x8}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x10001}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x5000000}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x5, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x26}}, @NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0xb}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x10}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x10}]}, 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x4020040) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2828.509035] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2828.557129] Bluetooth: hci3 command 0x1003 tx timeout [ 2828.562600] Bluetooth: hci3 sending frame failed (-49) [ 2828.577709] minix_free_inode: bit 1 already cleared [ 2828.665668] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop0. [ 2828.677811] minix_free_inode: bit 1 already cleared [ 2828.833458] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop0. [ 2829.356367] Bluetooth: hci4 command 0x1003 tx timeout [ 2829.356465] Bluetooth: hci4 sending frame failed (-49) [ 2829.996263] Bluetooth: hci5 command 0x1003 tx timeout [ 2829.996354] Bluetooth: hci6 command 0x1003 tx timeout [ 2830.001682] Bluetooth: hci5 sending frame failed (-49) [ 2830.014884] Bluetooth: hci6 sending frame failed (-49) [ 2830.636211] Bluetooth: hci3 command 0x1001 tx timeout [ 2830.641668] Bluetooth: hci3 sending frame failed (-49) [ 2831.436296] Bluetooth: hci4 command 0x1001 tx timeout [ 2831.441613] Bluetooth: hci4 sending frame failed (-49) [ 2832.076180] Bluetooth: hci6 command 0x1001 tx timeout [ 2832.081544] Bluetooth: hci5 command 0x1001 tx timeout [ 2832.081631] Bluetooth: hci6 sending frame failed (-49) [ 2832.093340] Bluetooth: hci5 sending frame failed (-49) [ 2832.716132] Bluetooth: hci3 command 0x1009 tx timeout [ 2833.516106] Bluetooth: hci4 command 0x1009 tx timeout [ 2834.157277] Bluetooth: hci5 command 0x1009 tx timeout [ 2834.162546] Bluetooth: hci6 command 0x1009 tx timeout 18:45:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x1010c0, 0x0) r1 = inotify_init1(0x80000) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000000)={0x5, 0x0, 0x1, 0xffffffffffffffff}) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000080)={{r4}, 0x8, 0x0, 0x6}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:45:44 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x20000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00'}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x2, 0x2, 0x401, 0x0, 0x0, {0x4, 0x0, 0x4}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xdb4}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x406}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0xffffffff}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_EXPECT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x4c1}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004014}, 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = fcntl$dupfd(r4, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'\x00', 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r8, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) dup2(r7, r8) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:44 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:45:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000380)="5734f5f021d136ffa602000000ef67cb5f58033a44f2acbe5e1e545f2c019c74f78f27566976d7689097c295d6d48c1ae4ce165cf4eb8bbf7a640008291e893d52cf025cdf0000f6cd00ef943aaee5a8000043b31dd2c711e899ed1a2fa020e07e81616aa60cadf9e1a944394b9d8d3e4b7a5c3fa229d7c2629fa4399b7f8fd95327aff68cebbf9fe0e079c3ffdd83f1b87730624734f760d5f853e4abd3ef093ace9800844b0a5a3e17039f91ec73a1ada0b5611d22bd31b0e7ebfbf9f5f7dabc00a90000000000000000bffe3cd8f109a99f8d18869ad5ad385131a33c792cbc9706054a207b32", 0xe8) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001140)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4a06b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a9705735b68727d6ef3834293812e927c03c7da1322da44c7f2ed1084a12f72d1cb398dff1db3df98588374e267846442f9e49b9e473c6c58a4ca03767c69cee1b6be486e4c9507af216bd889eff7dd5adb8e49f4a94615e49c08c9a20819e02cc22e6be4557cd4ff0fb37ab8d7674c644dca2f1b4d745fd9d42f49db6d4a4762e5cc23dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43e8118e1407a601dae4b8b99bffffb1ac006c67767b03b95151aeb89e6d0843c625aa2285b6e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a0e3ed34258b8c9370634060105baa664953514605fba3973aa021945b985a8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db17d792e604a4f279b3bd6621bdf2c17bc04000000000000000000c4006200607a9a76e5d9656a7154c75773902a1fdf399df3925130312d095e9c1f973d091cec77e7198c1a11a755761fe46169b2b5b8cdedb695cc425fe203d2f2655a76865c2cb4e2470fcfff248c0add5431a78143f34dadf8bbfbcb0ebf69e2d560aa848a11cd521efaf4f66a09af93a089ab1daae4b518d7a5d95a017864487366d6d7ee7bb0749cacf56cf27409c60fca2e2981b22d08f874e0a9cb6fca7844f9dab530388eb1f43d4abbfc59d6f1b18fff80df4bf024f120bd715d82033f2fb7d8fc9e0d77b294e097e293db58992c0024ab2fd8e5e7003af92d11de48e8b4d32972cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2270058ffebd7ccde2480ae40d6156e9a4a2039d0416e3f83074192c48c63384f52b8eeb60571e5bbbab3e6d2b557a52bee6f81968981811f832d06404840e0bbe46984b2f0d0504255c22ee8674053d0e160e525536edf56a93d0a7a6f0889f4ee8964875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8c2fc8dda2e8b641818f4725710fd085351f6905625bf4dd0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc349ab96e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd0c09892c58000987e5c7954e9f3684d116b01ce0b8ef953de70e7cd9311c8b018956f8a42ca26ab295f1ecf617a8dc38e525f415a1bd46b3884575bee3b9c8d57bee297d26ebca04061bacbf627f798a7f520078fee48f83b5989543729e57a9e1d686bc86cd515b4f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc02137ed1fb4b21c13b9a2c5e3f7c9ef9c45a314a6f0b9352be92986d63263b5aa5264cb4a82cf080de1633aa4fd9c3e4455ac6a029a1513cb132d28c69a5fc6d17a5700d9bc22a4dda51c0bb5dd70d3155ed199e0e4f33dfef7f1efbb4f81f2f48a228cb93f41921220e18b54eaf8cfe1a783d5a99e95ecd6e86ae04ee8bd60235c53ccfc7eaa9a83a004f1aeffbad240825b7178e7bc5afb7c0000800000000000000500000000d2121369200ad88c4ad1730185b1e9efd2d9e4f08948e1552331ee20a5228fcf0ed8f3337a5c1c2851f6338308ca045cb5206e8fd856ecb111d06d74f4526c4b0f2919f0e46c4f509d2c271f6be8f14d038b7ac581362efee013162257615b09e4de239a46940ba0f372c8a91e04f5624d60c346b7bca4b656d80d23eedb18cb6800b9101d336f1be2c2136e4f108a8aaf6f61b21f722a0d8cd3fa65bbf3f6793df43e1bfb2d5cfd9acfbfb061e20e4313aeb9891096522d36b9bc739d567eeec3425b77e1f78fb9f3f1ea841cd2158733fb84f4494db2703314ad83bcb19d55bed59dac0261806b57dc61cd897d1849eb9332c0c2d0908dfee8d40600000000000000ff3aeed1ab5da8c0516dab40d42529a6105b0a2d9f860d83f83a375ccdc3202de525b450e0da386e372adfdd08f7de73c3150b64c863485ec8dbeff8cb0d8e3a5e1eb725ad84d8d96ced5d70e5837e1531546700c98c9db7287db0fc213810895883cbaa6d3d4a023bef3eb70acb313ed257ec5984ed7a9e243e40e6e6afbd922635d4495a0c8783b1d826e1026707e10bf5d705a21e351d2aa8d1710b40c201786aac4396db7a156e1690c1247ae34f7ce471b8428ef5040722c91bc564286b3ccad3a47f3f88a446f3b14ccc9e30e95c90a63caf5cbee130d567d0b5357f4df69bef8303580846d8059d89bf706772c0473a8a50352359cd5722d02995556da0fb57082abd9a39ec9e01a09913e37a7955dde1dd7f2ea48d32b96e3fcadc95f0aa1a056799f429663582b39f5c5b60db6646a8e51732c052080b5acb161f0d581adc485f1c51d541e26a841977cd25da5bd9c804a49218d925257bc2d3e87d228accb4daeb84dac91b4fc760e80f444dd422fdad2161bc318a52828c3943e322e2df635b"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x23, 0x0, &(0x7f0000000280)="b9ff03c64d0d698cb89e0bf088ca1fffffff1400484cb059c38a5dab51da7bd1544b93", 0x0, 0x2d, 0x0, 0x0, 0x0, &(0x7f0000000280)}, 0x40) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file0\x00', r2}, 0x10) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$TIOCGPTLCK(r3, 0x80045439, &(0x7f0000000180)) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:45:44 executing program 1: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r1, 0x0, r0, 0x0, 0x20000038, 0x0) r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000080)={0x0, @reserved}) ioctl$TCSBRKP(r2, 0x5425, 0x1) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x0) r4 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r4, &(0x7f0000000200)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) recvfrom(r4, &(0x7f00000001c0)=""/4096, 0x1000, 0x1, &(0x7f00000011c0)=@ax25={{0x3, @default, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @bcast, @default, @default]}, 0xfffffe69) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r7, 0x0, r6, 0x0, 0x20000038, 0x0) ioctl$EVIOCSREP(r6, 0x40084503, &(0x7f0000000140)=[0x2, 0x4]) ioctl$KDADDIO(r3, 0x400455c8, 0x0) [ 2837.477560] kauditd_printk_skb: 6 callbacks suppressed [ 2837.477571] audit: type=1800 audit(1590777944.340:1306): pid=32201 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16133 res=0 [ 2837.507264] audit: type=1800 audit(1590777944.350:1307): pid=32205 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16134 res=0 [ 2837.510066] Bluetooth: hci3: Frame reassembly failed (-84) [ 2837.536186] Bluetooth: Unknown HCI packet type 5e [ 2837.549221] Bluetooth: Unknown HCI packet type 43 [ 2837.558107] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2837.572635] audit: type=1804 audit(1590777944.430:1308): pid=32214 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/769/file0" dev="sda1" ino=16133 res=1 [ 2837.606435] Bluetooth: Unknown HCI packet type 5e [ 2837.621206] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2837.637436] Bluetooth: Unknown HCI packet type 50 [ 2837.650784] Bluetooth: Unknown HCI packet type 00 [ 2837.661702] Bluetooth: Unknown HCI packet type 5e [ 2837.688165] Bluetooth: Unknown HCI packet type 40 [ 2837.767752] minix_free_inode: bit 1 already cleared 18:45:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = accept(0xffffffffffffffff, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote}}, &(0x7f0000000000)=0x80) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_GATEWAYS(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x24, r2, 0x711, 0x0, 0x0, {0x9}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="0002c3bd7000fbdb0000800000000000000030adfbaa305c4830ba8f3d07b1912c00000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x10014091) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:44 executing program 4: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r1, 0x0, r0, 0x0, 0x20000038, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000180)={0xfffffffc, 0xa8d, 0x80}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x141001, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x4) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$inet6_buf(r3, 0x29, 0x2e, &(0x7f0000000080)=""/114, &(0x7f0000000100)=0x72) r5 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r5, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r5, &(0x7f0000000d00), 0x400004e, 0x0) r7 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r5, 0x114, 0x7, &(0x7f0000000340)={@pppol2tpv3in6={0x18, 0x1, {0x0, r7, 0x1, 0x1, 0x2, 0x1, {0xa, 0x4e20, 0x3, @remote, 0x78ef}}}, {&(0x7f0000000240)=""/224, 0xe0}, &(0x7f0000000140), 0x2}, 0xa0) prctl$PR_CAPBSET_READ(0x17, 0x9f55) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) 18:45:44 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2838.066783] Bluetooth: Unknown HCI packet type 00 [ 2838.066991] Bluetooth: Unknown HCI packet type 5e [ 2838.078074] Bluetooth: Unknown HCI packet type 43 [ 2838.083813] Bluetooth: Unknown HCI packet type 5e [ 2838.089793] Bluetooth: Unknown HCI packet type 50 [ 2838.105218] Bluetooth: Unknown HCI packet type 5e [ 2838.133099] Bluetooth: Unknown HCI packet type 40 [ 2838.141977] audit: type=1800 audit(1590777945.000:1309): pid=32247 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16139 res=0 [ 2838.171172] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2838.217759] Bluetooth: Unknown HCI packet type 00 [ 2838.223055] Bluetooth: Unknown HCI packet type 5e [ 2838.230930] Bluetooth: Unknown HCI packet type 43 [ 2838.254109] Bluetooth: Unknown HCI packet type 5e 18:45:45 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2838.281886] Bluetooth: Unknown HCI packet type 50 [ 2838.301174] Bluetooth: Unknown HCI packet type 5e [ 2838.307097] Bluetooth: Unknown HCI packet type 40 [ 2838.337459] minix_free_inode: bit 1 already cleared [ 2838.411105] audit: type=1800 audit(1590777945.270:1310): pid=32261 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16139 res=0 [ 2838.412866] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:45:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2838.577310] minix_free_inode: bit 1 already cleared [ 2838.641176] audit: type=1800 audit(1590777945.500:1311): pid=32267 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16139 res=0 [ 2838.645908] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:45:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2838.776600] minix_free_inode: bit 1 already cleared [ 2838.835915] audit: type=1800 audit(1590777945.700:1312): pid=32274 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16139 res=0 [ 2838.863862] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:45:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2838.957182] minix_free_inode: bit 1 already cleared [ 2839.032950] audit: type=1800 audit(1590777945.890:1313): pid=32282 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16139 res=0 [ 2839.047756] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:45:46 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2839.166550] minix_free_inode: bit 1 already cleared [ 2839.233911] audit: type=1800 audit(1590777946.090:1314): pid=32290 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=16145 res=0 [ 2839.239781] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2839.396635] minix_free_inode: bit 1 already cleared [ 2839.515578] Bluetooth: hci4 command 0x1003 tx timeout [ 2839.520958] Bluetooth: hci4 sending frame failed (-49) [ 2839.527223] Bluetooth: hci3 command 0x1003 tx timeout [ 2839.532522] Bluetooth: hci3 sending frame failed (-49) [ 2839.755550] Bluetooth: hci7 command 0x1003 tx timeout [ 2839.761022] Bluetooth: hci7 sending frame failed (-49) [ 2840.075765] Bluetooth: hci5 command 0x1003 tx timeout [ 2840.081091] Bluetooth: hci5 sending frame failed (-49) [ 2840.235500] Bluetooth: hci6 command 0x1003 tx timeout [ 2840.240965] Bluetooth: hci6 sending frame failed (-49) [ 2841.595479] Bluetooth: hci3 command 0x1001 tx timeout [ 2841.600967] Bluetooth: hci3 sending frame failed (-49) [ 2841.607469] Bluetooth: hci4 command 0x1001 tx timeout [ 2841.612825] Bluetooth: hci4 sending frame failed (-49) [ 2841.835592] Bluetooth: hci7 command 0x1001 tx timeout [ 2841.840926] Bluetooth: hci7 sending frame failed (-49) [ 2842.155749] Bluetooth: hci5 command 0x1001 tx timeout [ 2842.161178] Bluetooth: hci5 sending frame failed (-49) [ 2842.325498] Bluetooth: hci6 command 0x1001 tx timeout [ 2842.330825] Bluetooth: hci6 sending frame failed (-49) [ 2843.675340] Bluetooth: hci3 command 0x1009 tx timeout [ 2843.675344] Bluetooth: hci4 command 0x1009 tx timeout [ 2843.915388] Bluetooth: hci7 command 0x1009 tx timeout [ 2844.245707] Bluetooth: hci5 command 0x1009 tx timeout [ 2844.395269] Bluetooth: hci6 command 0x1009 tx timeout 18:45:54 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) 18:45:54 executing program 1: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000000)={'veth0_vlan\x00', {0x2, 0x4e23, @loopback}}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x0) ioctl$KDADDIO(r2, 0x400455c8, 0x0) [ 2847.696945] audit: type=1800 audit(1590777954.561:1315): pid=32306 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15872 res=0 [ 2847.723337] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2847.802894] Bluetooth: hci3: Frame reassembly failed (-84) [ 2847.925777] minix_free_inode: bit 1 already cleared 18:45:55 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b73be73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811b4fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e0000000000000000", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:45:55 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x20000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00'}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x2, 0x2, 0x401, 0x0, 0x0, {0x4, 0x0, 0x4}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xdb4}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x406}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0xffffffff}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_EXPECT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x4c1}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004014}, 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = fcntl$dupfd(r4, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000000)={'\x00', 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r7, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:45:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2848.296844] minix_free_inode: bit 1 already cleared [ 2848.324431] audit: type=1800 audit(1590777955.181:1316): pid=32335 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15953 res=0 [ 2848.358019] Bluetooth: Unknown HCI packet type 5e [ 2848.362947] Bluetooth: Unknown HCI packet type 43 18:45:55 executing program 4: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r1, 0x0, r0, 0x0, 0x20000038, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000180)={0xfffffffc, 0xa8d, 0x80}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x141001, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x4) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$inet6_buf(r3, 0x29, 0x2e, &(0x7f0000000080)=""/114, &(0x7f0000000100)=0x72) r5 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r5, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r5, &(0x7f0000000d00), 0x400004e, 0x0) r7 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r5, 0x114, 0x7, &(0x7f0000000340)={@pppol2tpv3in6={0x18, 0x1, {0x0, r7, 0x1, 0x1, 0x2, 0x1, {0xa, 0x4e20, 0x3, @remote, 0x78ef}}}, {&(0x7f0000000240)=""/224, 0xe0}, &(0x7f0000000140), 0x2}, 0xa0) prctl$PR_CAPBSET_READ(0x17, 0x9f55) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) [ 2848.376814] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2848.404498] Bluetooth: Unknown HCI packet type 5e [ 2848.435501] Bluetooth: Unknown HCI packet type 00 [ 2848.435660] audit: type=1800 audit(1590777955.301:1317): pid=32345 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16133 res=0 [ 2848.444523] Bluetooth: Unknown HCI packet type 50 18:45:55 executing program 3: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) socket$tipc(0x1e, 0x5, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) r3 = socket(0x200000000000011, 0x3, 0x0) splice(r3, 0x0, r1, 0x0, 0x20000037, 0x4) ioctl$SCSI_IOCTL_START_UNIT(r0, 0x5) r4 = socket(0x200000000000011, 0x3, 0x0) sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x300, 0x70bd26, 0x25dfdbfc, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20000001) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r4, &(0x7f0000000200)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000400)={{{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}}}, &(0x7f00000001c0)=0xe8) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f00000003c0)={r6, 0x1, 0x6, @broadcast}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x2) [ 2848.484707] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2848.545895] audit: type=1804 audit(1590777955.331:1318): pid=32345 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/770/file0" dev="sda1" ino=16133 res=1 [ 2848.551884] Bluetooth: Unknown HCI packet type 5e [ 2848.596288] Bluetooth: Unknown HCI packet type 00 18:45:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2848.645302] Bluetooth: Unknown HCI packet type 5e [ 2848.650213] Bluetooth: Unknown HCI packet type 40 [ 2848.685427] minix_free_inode: bit 1 already cleared [ 2848.692114] Bluetooth: Unknown HCI packet type 43 [ 2848.705350] minix_free_inode: bit 1 already cleared [ 2848.710113] Bluetooth: Unknown HCI packet type 5e [ 2848.754931] Bluetooth: Unknown HCI packet type 50 [ 2848.754938] Bluetooth: Unknown HCI packet type 5e [ 2848.754942] Bluetooth: Unknown HCI packet type 40 [ 2848.788638] audit: type=1800 audit(1590777955.651:1319): pid=32369 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15953 res=0 [ 2848.818989] MINIX-fs: mounting unchecked file system, running fsck is recommended 18:45:55 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000ec0)=ANY=[], 0x471) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0)='fou\x00') sendmsg$FOU_CMD_DEL(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x14, r4, 0xe7a035cf4856fee5}, 0x14}}, 0x0) sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x40, r4, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @multicast1}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @ipv4={[], [], @private=0xa010102}}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e23}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}]}, 0x40}, 0x1, 0x0, 0x0, 0x400}, 0x20e65fd2995471f0) sendfile(r2, r2, &(0x7f0000000480), 0xa198) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCCBRK(r5, 0x5428) 18:45:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2849.064015] audit: type=1800 audit(1590777955.921:1320): pid=32377 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15985 res=0 [ 2849.068605] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2849.121329] audit: type=1804 audit(1590777955.921:1321): pid=32377 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/771/file0" dev="sda1" ino=15985 res=1 [ 2849.156228] minix_free_inode: bit 1 already cleared 18:45:56 executing program 0: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r0, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000480), 0xa198) [ 2849.206904] audit: type=1804 audit(1590777956.061:1322): pid=32377 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir477172077/syzkaller.GVGvUQ/771/file0" dev="loop0" ino=1 res=1 [ 2849.261661] minix_free_inode: bit 1 already cleared [ 2849.278170] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2849.288261] audit: type=1800 audit(1590777956.131:1323): pid=32387 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15972 res=0 18:45:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$AUDIT_USER_AVC(r1, &(0x7f0000001100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000010c0)={&(0x7f0000000080)={0x1010, 0x453, 0x10, 0x70bd27, 0x25dfdbfd, "c54a3843970de1244f616aa58bd0a626aa7b01e006c02ed60b9ef8b313056215a66709fdf358f8ca7dae68ff4bda32b1de4ead3c41eee6460194ab86df34cb6f7823059b0fdcbca095e8c6761c7d1409d64328114b9dd301c4e15469d714d0fe715a9304d1498250ed5e609af56754111642ef33e5ff641828897eb19c269fb0bd6a3575b98079183bc12e9429147683f17c905ddb135468d0e994e0a77f617708287b2664ea4278741708d3deac79019187c823209aaa57016e120055ddc9633b656d7497509f199f82507094e9206ba25bf80b5755515c9aa21845c2ae2fe9ff56037871c19e568d5fc1b6322f702a9155330cf3afe33b1b791a518a46c26cdca3c15d609315ace816c29ec662675ea429aa48c2f744f632dd4de895e9b95135e273e0346ac897a6df7f0bc5c502ed6fede422b66dc18a7f14e3dda47a282da3c6504bdc1919f74a6952ccfb73a2b728a9757e9aab0540275f896bba4e85814236035ccb4c476167d4a91c2d2406ff962172ab352d155faaaba7006c4a986b3b4ab2efacca508d372d0f5fee474cc16442320bfa651d5103cc6934917a2f64635f6c9884c621cfa33c436e53ef186d81268d05688691b3fdfc21688aa94aa0880ae9c2cbb14b20fd92781bff3abe3ed5006496ad3b5beec950855e8d8ce69973cdf40967ba9f7ee57787c954ef4b355d62ba1b61759256f60dd3734100cbdebb7520541abbd04ac4328eae8266c4cb77bf8e4faae3c9d9304959604689454efb4a74bdfd72435b41655e8fa85cfc79ecec7b5e827ff06106e4c7b547b91f71d66fd37e480fe13fd27aab65a1ba0c85b8de1fa5a67173899d36b0a61c89ba670261ed0d8c7cd054a29104153c617430fc4416091cfa2252005f88bd219039ac66a01f65032ef7920e13abf3da9ffc77bae987f3dd92105122e2b3ef94b9b7c4e46add42e8b705b339ca4285b1a68406a88b70b83558c7e5b1f7a51b8324ee8ac7142a5f4febd77e115d9717d0debb61e3773dcfc22fc974aa7b4315429fea7ca90a761d17265396aff7e5ae72040fd815032bcf1dbc2270687a572f48b667535dd8881e06a3ed066dffe0b220ba025c65849840eec512d1b9d733e38b4ccaff30e53326a04afc685c81baed4a66f4e8a9f355cc134fcedefd59aa213ed845fccff065ed2020d57dc0c89af9e5b8e4b1c6097cc72e2c4afdb9eccb36ac6426e9297a3b7f38bc1e5c9f60d4760983e75e91ada9af04d0730232ef7a9afff5b2a91370254a74e591c8327f6b4d82237ea99a4bc3d5d3c5b976a7f1f14f6d03cd9f3d0a35640cf78a5bbb74afaf633670e06e5ae878eeedf82c12c236fdd43627c73cabe73b057cba2eb95a13d23f8a2385ac3abf608c644b8129b95d0362684af6ab9567e99912bd00a1badb325c8e614fbfdc16708234785762192b7729a2697237829bb0963e8cc6acace9ab1f6123e87aebdef1a59757ea038f676a5c6b5b8b674f4764f23ae60f6331f3321d4a8b9f00957ce161fb38c5b9e1df487931ff67b69efdbc87b2ceb4558522ff118a0da35e8a0bc763b376cb8a943cdbfab0969f26e65d9682fe770f2f479a4e9d702f9ea9b8c9e66202954ea5f8c01a004ed2e2a9066aa721482cb468907f23f6fb6e9f968fcfa7c9644698adfa35b307a29454196dc90be5b5058cf15257920a7a88857d5cafdbd5808027916b1bcb381d9e72415b6774f4be419abe17d8725e4967240b52b4043628cfba8d4117356279378a25cb9fc38f84f75995d4ac38a35ee004e03288457ca964e0e355a96feb135245b99c1efe2888e7b122a59edc1dada811fea83bd1095d243dbe51c76ccf0eeceafca44a2edd7c1568489aa6384917cc3e02a51e0993bbae908ba74735d208c734aa76b39308b592e7bc9e8f514c8809146be16d1a79aa22362fadb56bb578dd6b7be7a8126b51b9e4ca6b465d96fd0cfc24bf274c5c94cf30e6632a269b67706084ddde6a305e6af2cf60e60b80f5377bd6fed27df6f0262a0d13b2befb3cf73e8ffc7cf0c89fe2076048f41a6beb535b5e9534f8382fb2be78bc8903f63163b2ffb9dce897f3dc208865e2244f1f7c2f1fea0a6b4567c0738a38b2d76710f37a95309d28e9c7f0023af98f9a59e122d1d5e9a1728848fa9e4a86241a3b70fe1d0e1597953c06041f5492050da65bf3c0a0a1140ceb20b4fa7458a273134574e4bce6e3404dc38cdd98d22407f7f3939824bc05d69228fe3f22a69e08a0940e78d46a8fb71c51bc504a66d9a3c433578610c0e736c8800cf400e815b8f4b5fb4196069203590570cee31859d4cdd96157565ad94ea9c23cbd7332d6a2c8f188744b6b23198642a43362da964871260770f500be4065682424d3aea85f3c7f5ded1ad3bb592fc4a47caf3012c34809df56c89bc4e0a33f6b6d9b9d24efca028b7a42bb2cb6f6af3fe206130b267426cf0c6ac99f3eea2d418219487fe273210226358a922bb3721c2904095ba8d3d6b08a0965d7678d2f609efc6fac973cee353b3f9ff486288dd4ebf1a2182e94c4f57c7abdf16c15bd2e958a705e3d2b45ce351c071609ca2dba72114cca00bc7b6a803670ea19681d7e1a1fb00787812e7eb964c480945b89819314cedf41678198eeab5caf0b618032a0a5f4d6c5b7177911222ebf0fbeb0312e9a9fc433669cc6f9e9d2d79b617d422e1fab8529e2b9c45dfca088b6cbbf2b8458196a20b9942f8b196a74b7d535d330daa90f6850385bb1e7a894c7f5f750e1c26300f4e74594c8cf87ee340451fbd429649cc83c25745b3d71ae2f315d2336d8e2fabaecd7feaf3a6a07884bc5e02545303aa68ee58654ea4833cf9d551f11e2ff53ffd7aa9dd8240807881cda9c293cb7c757e5ca14408786559f067037c1e6f08a1782904993d073972db6da4c4da87aa60f5ff776f43656a5895ff1deb6fb6c94ae5da874ee2026735b718ba145abc4243211b0f6ffb0d499d3e1591fb813af4a6068a3ff54a2063709dc5528cc1939e81ab1659ea60442f2ec11669f8632ab027d20abd819b3373bab3073aaa6863c12d879db8183dfcd12255fed5bdb0143b37c1c7652e91a01771bdec9ff4d2bf6210bb4c80d04f5a821900992851e97b44dd39ba8bf6c72cede5c4702ec51c9d81bf4aae3862bce618b48397420deec823969a19d7dcab616bf57f26d1a9669ae84c2ab754b4a1b5e838ecbf0f942ffdb78abcd95557b55a8899938c179f3bf8a5f907f3498b7acdf62374cc0564c5a4e7b1060c420dddb4b66f9df72ddd35e0adf541a0e0b8c4ffd2a8edcf5bd5260b4a11a352f04e1bed59490b6a173f8ff7a4f08cf5fceaa78b25227cd8db4a64e076cf708c13a0064883b270342f81c28bf46874f9edf3ff3978d5f97b041196e32687ddfa7e11864f5ae07aa3ffc2af791e82dc2efe0f421c94105d9eae5bcf2513dcf53e35bb7f4cae67b43dd077b8b08ca34aa9b30b7ad9b95d2a55f5c141c0a38898d4cb6b861a5b383113b322b126e7905eb15b9e29b32de9d0c793187f18d0b829171dc6ffda6fdedc57ca33f8a71ab1b2365fb7a6b3ecc8a171df172afd4ce3e57db0065b48f1559c39e20d4ec0f44c9e428473d24e9707f9189a23c56c07e47d513fd683f9a146688479480b0f717b736d4205e4e897b975702a8b5b559c5cc2c18be45f657857654bd1b03839b5b3000bb83ee2af1a532e5d6b255f8537927b36d38f3b3803a6e016ab7f05d165e52c11d02c186ba2842973b04df0cb2d7c9189831b0b38bc4433ae3feea941442c874569b186e0a7e0ef989f5f7978b3f46d637de001a9425b2917a2f918016834f7f49e20c8c8d9ec8d562961a2ad66933d7aaefd2bde5a47228cd2c764d0525eaee2bf3bbfa5392c5eab0c265d615eb9ab0c32e6c19d6dd0e10b720b8c40366845e12f4bc3c0fcc5cda2157a4833deec892764e167be35aab54176b1c69d1e0830764dff60dd6201feb48bcb7883ae3e072a395ba0c0246b8817eda6c1472b5292a5c3fccc9cbe24edba8268102ea60b955b39fd6750ee16d05719811643a1b70417863d9a479e550664d001bdffc4629c65537d897b38bdef45fca72e057e3f95b4b25e4d215b7862f57b6113fd826be17e2fadd0dedb407b4750e63e9ec07f1d7242481adde19a139f7365f9f352f78f779385aed039a35af6d81f471e6940fa5a4e257b26dbbf33f45217e98ed0e8b11ba494795c7b5a20bcd7ebeda715eb8d1b6eae26a4a443b236ae79ba9b5820491d04457b0a85b3d04e6dbb9f6bf42ae8a91b74f355bdcb6f9f674120901d3ba68b9c9e886238b0f3ae29ce3ad4e719963c22dfcb111b5ff0bb12b8826a15a6dcfbd1c409cc159315a1e73cf25023fcef52b8530eceaa05331b305cbfa20f5469a07cc3c72c7b8a8cb7ee8b0f3ae06841f512d0a154199f98bf7e448e63379734c42dd1769b9d3a9ef8621ec2b23c52b520d935bc208321c67969b20325e9eb80d59b3657ee77b40cec4d8670957905c933741496788850b0a5c2ac3bcaeb9330a966a1bd832546d5e55fab9fafa662f347b68624b9335800c62c37947eb0e477ddd9795d8eddcbd5df7367f95f63fcfa9137bd002bd094ddd0fac8b70b13a775103669d6e2e8e7f1f21547bb0eb7df75b2de8b3622eb755c6fade7245350519e66891d2e45b0d6d312987f4298d5152044bc6567625ec6072d0fdc7b9178149445395ebe15683decd3727798e4c8b4998c27917942f8644e21d834ae4119df09124989f06c9f8b00a516bc9cf60a553588fc3084c3f2493c922236cede17798fa6d67a9ed70edee10f7144e1ac6b680d72c39ebed89d9bef1ac3eaa260e0337cee7c79f5e08c0b49a4203af93e788c8154c257d31613557e9f446da516a10e610320eb65849f68a7da26e8ffdd71ffbab6d6f0e94bd83baba5e70d9b541232c856b540015d67229dfd6d4a3d02be56993a2c26aab90730c1513097657bcb556b2a3f188beb6c5bdc2ec73967878a3129b7684137b87d0c8765680f4b1df6475719387d6b6fd6466c247ef5059d945abbdc8c0443fa04e4db252a720e23718620c4d925b1d2cc7f82ef18ed83818cf53ff2e35ff362692a648b4d2d12e10501d1add1a29c0f06c8b2abdd77a0927bf27814874cdfae280f2a77e6475cba21a0d0d22774a2cd74e5e766606d1ba5e7bdb5a286a19baa36ff89f3b7f3bef7533863ef46dd5ac47bb34dd657b63ac66ddf9635317b489fe5bf168a00dfdcf882d23d0e1889745ea0a00d6d2a4398957ee2f373e3d23f8f242828162eb54c2764a6b3e8985d8c868677241db4b9bfd7b6c753919c7160848f3d9c07af707026fe3f2c24608405227d042d0ed7a12cde818498ef3ed581143c2cf1aedaf2f4532abaea805915c46cff42f1d71107aee170f98f1d9f5d26aec7d70c885c0373c6721c289555e98311c5dab45e9d13d172207c275881e95192779a508db7dff89738f215666cba42dc4a5b1c89d2f82bcac08ac4a03907d587745328609301cb00e40a590131b5829084fb11b2e738e021cf51e58d378ee701938c02e742dc0e83ca7bf2eef134b6f3e813d2fc7b40d877bbfcc48b70c0104338b9d5160af60754a566f1dfbf21e7e82af6643d36add5d74db86b293ead5d6697ed423f93e921b00efe99d9fe72a93e5e0527995b0051b79f6229777747362a127581f7f8672aa00b33a5c01b8251fc8fd8d1bc32a8aef8a38f93ee8c439a2877eba3617c8cb7cddce297b9ca946a107ce4072897cad07652e571b181326", ["", "", "", "", "", ""]}, 0x1010}}, 0x20008844) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2849.394058] audit: type=1800 audit(1590777956.251:1324): pid=32395 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=15955 res=0 18:45:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2849.437452] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2849.450283] Bluetooth: Unknown HCI packet type 5e [ 2849.470744] Bluetooth: Unknown HCI packet type 00 [ 2849.477901] minix_free_inode: bit 1 already cleared [ 2849.481838] Bluetooth: Unknown HCI packet type 43 [ 2849.501507] Bluetooth: Unknown HCI packet type 5e [ 2849.507703] Bluetooth: Unknown HCI packet type 50 [ 2849.513330] Bluetooth: Unknown HCI packet type 5e [ 2849.550828] Bluetooth: Unknown HCI packet type 40 [ 2849.630535] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2849.715716] minix_free_inode: bit 1 already cleared [ 2849.815577] minix_free_inode: bit 1 already cleared [ 2849.834943] Bluetooth: hci3 command 0x1003 tx timeout [ 2849.840692] Bluetooth: hci3 sending frame failed (-49) [ 2850.394790] Bluetooth: hci4 command 0x1003 tx timeout [ 2850.400154] Bluetooth: hci4 sending frame failed (-49) [ 2850.554859] Bluetooth: hci5 command 0x1003 tx timeout [ 2850.560467] Bluetooth: hci5 sending frame failed (-49) [ 2851.434831] Bluetooth: hci6 command 0x1003 tx timeout [ 2851.440195] Bluetooth: hci6 sending frame failed (-49) [ 2851.924688] Bluetooth: hci3 command 0x1001 tx timeout [ 2851.930087] Bluetooth: hci3 sending frame failed (-49) [ 2852.474620] Bluetooth: hci4 command 0x1001 tx timeout [ 2852.479946] Bluetooth: hci4 sending frame failed (-49) [ 2852.634689] Bluetooth: hci5 command 0x1001 tx timeout [ 2852.640159] Bluetooth: hci5 sending frame failed (-49) [ 2853.514650] Bluetooth: hci6 command 0x1001 tx timeout [ 2853.520024] Bluetooth: hci6 sending frame failed (-49) [ 2853.994639] Bluetooth: hci3 command 0x1009 tx timeout [ 2854.554525] Bluetooth: hci4 command 0x1009 tx timeout [ 2854.714570] Bluetooth: hci5 command 0x1009 tx timeout [ 2855.594475] Bluetooth: hci6 command 0x1009 tx timeout 18:46:04 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$KDADDIO(r1, 0x400455c8, 0x2) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 18:46:04 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2857.878043] kauditd_printk_skb: 1 callbacks suppressed [ 2857.878053] audit: type=1800 audit(1590777964.741:1326): pid=32422 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="sda1" ino=16083 res=0 [ 2857.931872] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2858.125408] minix_free_inode: bit 1 already cleared [ 2858.204431] Bluetooth: Error in BCSP hdr checksum [ 2858.464480] Bluetooth: Error in BCSP hdr checksum 18:46:05 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x20000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00'}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x2, 0x2, 0x401, 0x0, 0x0, {0x4, 0x0, 0x4}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xdb4}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x406}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0xffffffff}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_EXPECT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x4c1}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004014}, 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = fcntl$dupfd(r4, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000000)={'\x00', 0x43732e5398416f1a}) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:46:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(0x0, 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2858.649719] Bluetooth: Unknown HCI packet type 5e [ 2858.660692] Bluetooth: Unknown HCI packet type 43 [ 2858.660891] Bluetooth: Unknown HCI packet type 00 [ 2858.673656] Bluetooth: Unknown HCI packet type 5e [ 2858.686863] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2858.694516] Bluetooth: Unknown HCI packet type 50 [ 2858.697603] minix_free_inode: bit 1 already cleared [ 2858.699717] Bluetooth: Unknown HCI packet type 5e [ 2858.699722] Bluetooth: Unknown HCI packet type 40 [ 2858.726271] Bluetooth: Error in BCSP hdr checksum [ 2858.984426] Bluetooth: Error in BCSP hdr checksum 18:46:06 executing program 4: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r1, 0x0, r0, 0x0, 0x20000038, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000180)={0xfffffffc, 0xa8d, 0x80}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x141001, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x4) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$inet6_buf(r3, 0x29, 0x2e, &(0x7f0000000080)=""/114, &(0x7f0000000100)=0x72) r5 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r5, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r5, &(0x7f0000000d00), 0x400004e, 0x0) r7 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r5, 0x114, 0x7, &(0x7f0000000340)={@pppol2tpv3in6={0x18, 0x1, {0x0, r7, 0x1, 0x1, 0x2, 0x1, {0xa, 0x4e20, 0x3, @remote, 0x78ef}}}, {&(0x7f0000000240)=""/224, 0xe0}, &(0x7f0000000140), 0x2}, 0xa0) prctl$PR_CAPBSET_READ(0x17, 0x9f55) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) 18:46:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r3 = inotify_init() r4 = inotify_init() r5 = dup3(r3, r4, 0x0) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000040)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:46:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(0x0, 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2859.244306] Bluetooth: Error in BCSP hdr checksum [ 2859.254987] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2859.265174] minix_free_inode: bit 1 already cleared [ 2859.284707] Bluetooth: Unknown HCI packet type 5e [ 2859.292822] Bluetooth: Unknown HCI packet type 43 [ 2859.300272] Bluetooth: Unknown HCI packet type 00 [ 2859.311182] Bluetooth: Unknown HCI packet type 5e 18:46:06 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) ioctl$KDADDIO(r1, 0x400455c8, 0x9e4) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) splice(r3, 0x0, r2, 0x0, 0x20000038, 0x0) write$tun(r2, &(0x7f0000000080)={@void, @void, @mpls={[{0x47}, {0xffff8}, {0x7}, {0x8, 0x0, 0x1}, {0xeef9, 0x0, 0x1}, {0x5}, {0x3, 0x0, 0x1}, {0x3ae, 0x0, 0x1}, {0x1}], @ipv4=@udp={{0x19, 0x4, 0x1, 0x5, 0x107c, 0x64, 0x0, 0x40, 0x11, 0x0, @remote, @local, {[@ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x18, 0x71, 0x0, 0x3, [0x7fffffff, 0x2e, 0xb69, 0x1, 0x2]}, @lsrr={0x83, 0x13, 0x72, [@broadcast, @multicast1, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x23}]}, @lsrr={0x83, 0x3, 0x9c}, @end, @end, @lsrr={0x83, 0x17, 0x99, [@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @multicast1, @broadcast, @multicast2]}, @ra={0x94, 0x4}]}}, {0x4e21, 0x4e22, 0x1018, 0x0, @wg=@data={0x4, 0x2, 0x7, "797b4cb56d677164048b68e1b82b1d0ff5eb4064ffb98ea5d7d6e76e316bf918a43d77eaedd642103573ce6ed90c518e50b6d7bb8e5af805cdf71dd669c331fb534aef2de95261550ac8716529717d2e35bca807a979b66afa78fce32f692354c7a5da0274f9715f94971df0dff7ddbab9c09111701f996f5bdeec39278ace813e169d81afb8eac9364a9ff6576dac45d6344219a68a97e018592d3267a1c22004f5ee4d3f97444f7c41893cf420267b8e04440f7de9e51b237643b72615b3f592d12df4d4d065896572690d4d788a5735c754481e463e12c34d47649a4897706f03fae32b05d79b1ebcb9c8f11edd45156cafbe6faa1a970a29d289cfd5fd6e94aa066d135a4bf345caf52e80f99edd2594c7cf093c5b7870ab3374f90cb561d0123826074a79ba5c784f70a96d98f40ce16e1927ea40c88766b28a021bb198802e06caabffe461a6cee0066c91d2445e23a236a51443f5afec92db23c177796365e15da38a4a1f935a02c8de1d7ba911bce765693fbf66a304f9710d125752dfff844ebd60365b94587a19cd7c91a44aacd9bb163a5efd28e0c05ff24db721eef1b2ccc1f4f676f4abef747b15d81ea369caf031ada87735db987862ddbec02a6dd61bacbafde9638923de1e6ff6aaa241e4ae02aca843842ff9587f34ccc8ce062012e3b2cf7b1bfd9168455cc242c9285d448a26056b27bbb2a4d638612131e5012278c4e0e8964bcc0b775dd1e105b547fe9bb0346ac6606e73a6c857a272160a5a398a9e116f5009b4192c02da871055cab0a32d10f03db6bc5fa874e6c55a9c78aa134f617b8eeff1da4c112282cf68d2a5c212d4d5054997a1221a4cbfabd90f9d1678478117ce4a0740d16d64a3cae116313022f67bc93433d8351fe788a6d53cab4ff5d97172d37d5ea0a708b7ba12a9b5650453b12ee4dcfe78e5ef39dac30e779069c59946e9d1707beddd96f95b46775ef0eef18f1fdd9f6a9fc47d6b3eeaa30c3d0f53cc777040987780bc7f463a462a58c74fc24b69ecf034c03fc29366ec76df8e232651c52c7aa2fd1120c69d7a92e8d4482ff809087dc737b7759cdccf7582acb0f7a7c4fcb4ef2676f47e0b5ddf035ed903f3202a5363b233aa1bcf003a9adc2f6ebbec31208d69c65f29a1779c625fb7b4a3fcb09d71dd82f481cf883f4ccca906a8da3cee8a5374190b23c4ab5a8a4e18bfc7d7bba5cc883c7c2cf1b6579fca34ca903fff3fe1867ae24cf88fe8f3b48cc757bda2a17f9cc9d12b8feb8d9b46ec72a1cbcc420155a2cdc07d73d75c8bfb75ee2ff621d50e8166118d170bd333b89b75af42d608916f80d7516d3f5557756aab48e9df53bff39ce69197f24bf0ba6d3c59487b5babe3d57daa0aaf4108c4d98ac8927777040b3ca671a2beb141688fc7fa913ae19afbd9cec5ea9ebf4e83199f7d4d6893afdee1ba93f18793c4bcab0ee227203101a8a6498447ab5d45295a8582bddf5dfc91a1380947428c82b8226216d4f6a497e1acc77744bfcad688edefb8f9ee9389d942db70f2b85ff01ffa00bff2679a3bc67fa7d4f366087f4ddce13c5e1f6f549691cf03ac41a55759901d98b9c05b1387d72d605b7cb80d3ddb92e7e17255ebe1b36cea0afe39fd68a5f4599729b2d5677a7559a0dbca52024b1b16b2919c9dcd4ce10fdeee664b7dd6c2ff5179f03ee027282362ec111dca59be8ffc0281e2a10d965099ee5724a17cab7cb54d821da009ce16b48d6d1424ed4572792f0402812080cd9fe420b4db42382a6f9a2f3117b4f20c75f56fe026458d3fe08073bc5d09515f2eaf38053754891a6b2afe8d0b24581984df7923e39a4a7881eb9e9d3f924a56c156fe2abd9a9a1dfa3e9bdc43cce863620f924fcd210e524b9536672a47993e56d2e3f0284d1a695af700b45076bd6e58c7018fe929037e872a1e0fd7a24e1c57a016ff2712d9952b849664d2a2efaf060b1ba94a7aba70fc6bf3062e56d867fb38ab26c8290cb2744b39b414822b094d69b6eea1655692cb75aba6563603b4a66d85d1fbdd8809a00506b6a9f1108d6a693d7e0a45ae7da51d012dbb0d19de7a01b745e75a98bdcfdd89fbc4ed0625388ca3e3ebf9394d1d34ea4cefcc99baa34fd35987c6b912b47a85a6cf419df4a4fb6f1c29ca712f4b45a9b19728420a174929277b9bf4d015e911e33c355bbf9f8407ae6fe39d72f9beeaf129f1b5f00bcfd0339020f393f4dc968273bd3c5405035ec30347622c957143a619ea3d8b211351fadf951c9f8d2d2f3241f90c83dc16216609c7cb67d2eea6de960b0aaef6ec8bbe3af70b2a9fb92bc7b6212795c7b4e6405aac959775888028060bab36f2938ed4cbac918f67a002d5b2f6ce1c27c50f3414b8e106a108d512f7f0f31dc2ac5ad5e9a12549f965b07226fd0bf71baeedd3aedc19e62910599d4778f4bdce0fc1960f28dd673e01318805e86d745b330ff42079427a3024c96aaf31d81124728a0b89e052d176d00951c6652639966ea2d6a5a3dd6ba3511752f3b1517ce30a47edf2ecc9c2a83c8489d9c04ba5f72866f381392bf0d297cbb2f1d385f4adf6a8a92a1b5f52c07cdb8bfbf8076a7d78e4f521d6926cc3f9de17a3f38adb3826b83a053c71d2c7c4a35a5b0cf6b38091f3773f6dd4fc2001e98d3c93583b33151c58bb92e23692d07bb103ee258f8d6f0f6f5885708c153d576b590078e9ecc6dea3daf4ca8fd51165c4f4ef6e0d4584e35bf5daffdc249e082d1c4c3425ef0ab537812e223cfda1bd2589b45e4be5c33c43feec20ad7318758814741a629731ad14e58872446ac0752c3f3628fbc8eab90b10c998dad2310760dfde5069ad0659d71e2d2cb6c569d9ddedda3b257ada602b71e0721e4621776088c91acca71b3f9db32dad7d70aa07c043033ebbe620895233a0696fe0aa6a3f97f29fc6a7ae6e4d4e19f7fbce5b938fa0f7f9be8151da94a264687d87aac8cb5794b2aab951d26cbcdbe846e748a0ae5940e72fd7a842e204776bbd1770753b829e160dfdaab96f13343deae532e426c29752f7c03ac38c3b5905dcf47cc2a5a2b9df305f5ea3a08f4c186569acc0ca2996547ded4a89e2ea3d20600119b77fae327a9021967fc2f0127a8c0a54d04a2729cf113c1071bfff4d95f42ba3805331946255387081763b0a17bf669fdf2baa3c0ae2177e7208c17a1fe7cdebe87b37ea6c1a8f56bf85b8a158007ad507ba57adfb772ebc3b6d900033cebf9a7cd0cee0f8fdd2d5b04acd97296c84f6939d5d93c0357a94eeee79cd14d68eca474e3938c10dcaa7b7987a1107a770123370280466faf9b6a38fc79094281f97c642c079081d300b5d6475f535de4d91fc8f307dce49195c27770f99478c98fe9b9360aabdca3a1e9635cece3a14fa9bfa4efbce430e36639d3aa93e251081b1e5d6f9488b00ee68e4eea79babc659cf07bd9ea9235ca94353c47721b9db5e48c463bdb3728ca4a5858f1f5b10e724a473138ba4e6fb21150dbf30c50e9a8ef4e10cdd7f65032758692c52e28327c4a75483425623f0c447e0dafbac972dfdbd0a392b2225f6a8f5214dfc8c0af5f833b0dc6ba6f8b29f72b2b45fb87e7d9e830323068cd3ea82e4f4bc9cb23c30707cc005842d2cddc00e18af36ed449d84f97fa81278f6586728a9d476eb127f9603f6868562348af884b3c76213ebdad97873124e796d1401538ec2bcf4475a92f974b41dfc9f83f89137ce44e8137c00c4f184584a49756458f9dba5bc17b7369fbfdf979f65a3ebc470c9d6383d1bbf64db91409b95eabda5b0ec54a139f36c144085cdf2060d51c8fd86530f183370219b5f515054ddad7bb00fa05f68a023fef71da4a5e34934e78789078b1927579adff5b1a2b2e3a5da8420f36eaff4cc721aa4a32f77253eeae4a58558bf77a4874cf73c2186824e67e86f27131100d9bd8733cf7fa0124132d80b8a1cec0c0eb0b25e0fe63619491e35a3c7da4489d16fce2a4dd69d0ffaf3a3f40a31a667d3f0cff199e782644e428554b94eacaa3c642429e51c5a0dd6d9306b4f96d3e06b7f7f2e71f27cc3e0b7096b69bb1366b0e032cac049f19cd13cc11ec2efc207f50eca439415f97158a8db04656e54987394614f181980c409534672a8b993a5827eeef91758ad304ba25deadadedfae2df2d40496a7958fa16134787de8c9598a335701fed5103719ae2c727b89ee66c56db0cbdc20996d39d5f3bfa9e7ec009fbf9258c861701d67ca1d5657419f14c352e9dbc4f4b0e94643152e5f187e31a6b14814ed2f30658d22d98c40311e1847ac44eba0607d30c6a22c5f90e1ef70499e2045e7410b44b8c6c2f7679a0411b081c33e03f5e1582f56dd6568d674d27db37babaab2d9c568641ff6d68d596b0e28741147bdd746ac2e1d8001507ba968479d504b0b130303f7262cf7598bcc131b5bead569a41b35936c6923e838b1e9b304395694347380c5f95dd0fe1f3283b5144e70c0f3ba80715812f1aa0bd992f23d73c80e72e7ecb327bd5ebb392aa97804735b4be2a5b4fe6abffdc5b9b926a005237d03bc97e22f23f06cc4425c52ffe774fd9e5909c8507d715a8f05ee2ab7f209162695fec632b1987cc09f239f5f9e29f72d055be1d893f38e955c5e799fe32a7659df6e8ef73069cf990ceb46e7371607f33d812e8ba82c9b59658f39e20b963bf53d2bac76b2cdbff882136f40bcc5ebca8a402c4050c98280c25cac907774e0b6d88733b377d1d318cb414598581fdb21d717af4c09a54e9505fef25b1fb132ce3f25ae949d449412515566f07b6ccfeb1d5435db03b149e3659a7cc6796bd00c83ed396a37334368710921b7dd510ff4a32f6623ba038f7766f32353a7ae36f22541fc06c611619d55483db71b2290221c48c01c1e7653329ba4a928a77565d70ec35dbe6ad37b112b699a596ac66d6fa08dd3a44ee5e02ecc376a1c427b8af70fb1b2a454e3dfae2878838c070a2396eb9f510da55952106621a18d58b681a45d51fd3fc26ed26e4389514ea379d20ce880cfc26fad5199f3961e9de836ec182a562f5bfd24b589bf2afceaaee8b6d56376019f355bb4abf821d2019884275be8f20a4996a80a229586ae966c3b69919f1fcb48e2d7ea524971f38eac454f0b87653989d94ad76cad4daa3746c011b0ff05c8dbf32e2684839af3873662aedb30d61bf8d36a4b4ef5161c40047d60b264b24417cf9f0ab83befbd9c638703e8b90b93861a9191e9e2741b9765ee6b0d39d1701986c762dc46bd8fda07672ea3251f40e64916d0dffeaebf05127cdf0af34456ca278dbcb3c3151c9e92c15aa1e22053cd021fe4ff614fed7e6bb33c7db190230ab7458deb88ba6ac000cf19957dd75279ca04158b3a0f9aa601b301644a125067fec0338b286a2a5671217d8ea3cbb0f2b3db7294f546960612e6d44521f3a6adcc58b4ba78eae2eef4c40f4cd429a9b238b21c53cf9880702b90b12db6caca9e3d253d66810e2591c0e29548002d16fbb1b171f63d8f582aa4b3388c8db5f0e2b674a33cfbe730b6cd82b54edcab7b7aa8b227a897f2dbb04d212d381b5c166cc155eb0eaaa1a794b5e53339399866bce8a3b8d5f9808715bc3ea9db0069589d2b682696e8d5d03a4898bdaa33e8650e5e1bd9b331adad0a46d7524bf85bfa439792f935797b743870e38862f82dae8efe6bf52ebde4cdfaf0a2b6fed049440dd092964af284a2942ca2a662bfad96e91c18e3e234c57186e390f135de3ef470f01e36b02fe43741"}}}}}, 0x10a0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:46:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(0x0, 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2859.344583] Bluetooth: Unknown HCI packet type 50 [ 2859.373047] Bluetooth: Unknown HCI packet type 5e [ 2859.388907] Bluetooth: Unknown HCI packet type 40 18:46:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2859.453468] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2859.462081] minix_free_inode: bit 1 already cleared [ 2859.504451] Bluetooth: Error in BCSP hdr checksum [ 2859.565586] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2859.575937] minix_free_inode: bit 1 already cleared [ 2859.769939] Bluetooth: Error in BCSP hdr checksum 18:46:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) 18:46:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000040)) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x1) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000040)) ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427) ioctl$KDADDIO(r2, 0x400455c8, 0x20) ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, &(0x7f00000004c0)={0x0, 0x0, {0x70, 0xdbc, 0x6, 0x3f}}) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000480)={0x5b3, 0x7ec, 0x2, 0x64, 0x8, "ab8c9b94af23b96ce0366a150aff361c7932b7", 0x80000000, 0x3}) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x1b, 0x18, 0x179, &(0x7f0000000080)="7a75598af6f5b9fe6e51575af877560204c34e55c61b7e026ceb2f951a371167b2bd4c66d8b78fa7ed64ee497201e4caf10298e31ed898d9a963e0ccf171bfb65a28dab8873472d7b791c9ed00fe7556e5a849357f7881e9a82ade16ad25c7f43a2acaf9f196dc4a1107b9a2ce03dd7f8ef9d0a07a4fff3417044d21ba1dd504be9ae333d888f9178e74b542247bba652e29c0f9131dad08dac77f0923ac88548ddb5051226a0d0667b9c0a138e38a50a25dde3f2452d06ce0a0f1db8e813ccc8bd929484128887daecb5ce1549cb6d6d83ea42b00461494fb6d8c1231f9e7f95f39602c12121607ad53bf23200eafff2941aab72823db2f302937c116202daa8d18c380f772b9135236a44432f82da68d3aac96f217b74254cde9897656239bebd6006677ceddf48b8b8049bc93dd19422fbcd6da67d9e60eb9081c0e17b3ac67218555902784e3dd3ae1394336a345c08b458bc7c8da03ead3eaf2f650b0908558374b527597dabc20184e2fe6e6f66868eab23699560a3a245328e04f410d474307571b391c48eb2306525446ba27646dfb587d2ef71712819233c4d3e1fd3998061e6eefa35f9bc49c5672a180ac4ecc6e6c521254aaa64fe45486183603e55263f9b81a7468e35413537cb5da5b4c114bd449f562e47e66f17ca9512ad29a02c994b6383f527cc0a62e9aafb41e102805dc0ae13b92a35699602aee4e2188a5eeb11c577bf7484350528ba1cfbb38d8de7f923b07bd592c424e2148557444b7cc0eb7c4cc1d8d15d7122f9fc8e2e94b00f932f088435b9c68cd29a1cf6e94b4253403619271c18900331b9a33bbf5f902e776b2a0c5b4b7805bf6223e1dbb1a153b8080c74954422de36a4c53b454d4aefe67d17704c5ecb63286414d98b3b5cec26ac640436e296dc52ac51a330fdf27262fb413c6abcceff8c314fd15503f26838def06afa9dc6e93323a2ac6a682ce8697f0d84b897adb4a7c3a96bbd619c65f032e5c65b25ff2b2586398c5fdb6f2de48b74f8c6d3176ce7152b998f62f44245c420cf15934a915f763b758fb5bfcdcb16340191afcc9cadb230441fa617a284717e7a34b64f8d144b53ef17f66e41204edc35b97391edfd4c76d5a9562211fa71ab8b588b60d96ead71e2eb2e8e2cc55cb58c88a1927080b1798281b4a77120b49f735961abf88dbd8a1f8af3f6c4e57df90c29bf94a17544845c0d4b879fa592fc6f3fb59fcb35423c8cc5868b0075338c31b173ecca43a8de83e8b543a25cc44c50390463572c6635a90c76f8ba92a44ac4ffd76467cdddd7282549435b74db497f1008d06332f675abda195cbee4b68f3f18293cf64e3e2caaf1edece20fc2eca956ba2c90a306230ff23c0ccfcf85939978a0687d2029970df08040e0e1865ff3baf7383cb152c791e06f188c152545a1f72eb686de9d861f0"}) [ 2859.853913] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2859.868413] minix_free_inode: bit 1 already cleared [ 2860.004112] Bluetooth: hci7 command 0x1003 tx timeout [ 2860.009662] Bluetooth: hci7 sending frame failed (-49) [ 2860.016172] Bluetooth: hci3 command 0x1003 tx timeout [ 2860.021743] Bluetooth: Error in BCSP hdr checksum [ 2860.114343] Bluetooth: Error in BCSP hdr checksum [ 2860.274307] Bluetooth: Error in BCSP hdr checksum [ 2860.374273] Bluetooth: Error in BCSP hdr checksum [ 2860.544376] Bluetooth: Error in BCSP hdr checksum [ 2860.634478] Bluetooth: Error in BCSP hdr checksum [ 2860.714085] Bluetooth: hci4 command 0x1003 tx timeout [ 2860.719562] Bluetooth: hci4 sending frame failed (-49) [ 2860.804282] Bluetooth: Error in BCSP hdr checksum [ 2860.894282] Bluetooth: Error in BCSP hdr checksum [ 2861.064268] Bluetooth: Error in BCSP hdr checksum [ 2861.154214] Bluetooth: Error in BCSP hdr checksum [ 2861.324328] Bluetooth: Error in BCSP hdr checksum [ 2861.354003] Bluetooth: hci5 command 0x1003 tx timeout [ 2861.359385] Bluetooth: hci5 sending frame failed (-49) [ 2861.414421] Bluetooth: Error in BCSP hdr checksum [ 2861.433951] Bluetooth: hci8 command 0x1003 tx timeout [ 2861.439319] Bluetooth: hci8 sending frame failed (-49) [ 2861.584576] Bluetooth: Error in BCSP hdr checksum [ 2861.675192] Bluetooth: Error in BCSP hdr checksum [ 2861.844338] Bluetooth: Error in BCSP hdr checksum [ 2861.913940] Bluetooth: hci9 command 0x1003 tx timeout [ 2861.919483] Bluetooth: hci6 command 0x1003 tx timeout [ 2861.919841] Bluetooth: Error in BCSP hdr checksum [ 2861.931247] Bluetooth: hci6 sending frame failed (-49) [ 2862.073930] Bluetooth: hci3 command 0x1001 tx timeout [ 2862.079379] Bluetooth: hci7 command 0x1001 tx timeout [ 2862.079721] Bluetooth: Error in BCSP hdr checksum [ 2862.090877] Bluetooth: hci7 sending frame failed (-49) [ 2862.184251] Bluetooth: Error in BCSP hdr checksum [ 2862.334357] Bluetooth: Error in BCSP hdr checksum [ 2862.339413] Bluetooth: Error in BCSP hdr checksum [ 2862.444241] Bluetooth: Error in BCSP hdr checksum [ 2862.594979] Bluetooth: Error in BCSP hdr checksum [ 2862.600220] Bluetooth: Error in BCSP hdr checksum [ 2862.704144] Bluetooth: Error in BCSP hdr checksum [ 2862.794010] Bluetooth: hci4 command 0x1001 tx timeout [ 2862.799390] Bluetooth: hci4 sending frame failed (-49) [ 2862.854973] Bluetooth: Error in BCSP hdr checksum [ 2862.859911] Bluetooth: Error in BCSP hdr checksum [ 2862.974188] Bluetooth: Error in BCSP hdr checksum [ 2863.114968] Bluetooth: Error in BCSP hdr checksum [ 2863.120156] Bluetooth: Error in BCSP hdr checksum [ 2863.234190] Bluetooth: Error in BCSP hdr checksum [ 2863.374261] Bluetooth: Error in BCSP hdr checksum [ 2863.379468] Bluetooth: Error in BCSP hdr checksum [ 2863.384524] Bluetooth: Error in BCSP hdr checksum [ 2863.434057] Bluetooth: hci5 command 0x1001 tx timeout [ 2863.439538] Bluetooth: hci5 sending frame failed (-49) [ 2863.494300] Bluetooth: Error in BCSP hdr checksum [ 2863.513977] Bluetooth: hci8 command 0x1001 tx timeout [ 2863.514078] Bluetooth: hci8 sending frame failed (-49) [ 2863.634147] Bluetooth: Error in BCSP hdr checksum [ 2863.639270] Bluetooth: Error in BCSP hdr checksum [ 2863.754435] Bluetooth: Error in BCSP hdr checksum [ 2863.894249] Bluetooth: Error in BCSP hdr checksum [ 2863.899353] Bluetooth: Error in BCSP hdr checksum [ 2863.993898] Bluetooth: hci6 command 0x1001 tx timeout [ 2863.999435] Bluetooth: hci9 command 0x1001 tx timeout [ 2863.999642] Bluetooth: hci6 sending frame failed (-49) [ 2864.011372] Bluetooth: Error in BCSP hdr checksum [ 2864.154004] Bluetooth: hci7 command 0x1009 tx timeout [ 2864.154008] Bluetooth: hci3 command 0x1009 tx timeout [ 2864.154356] Bluetooth: Error in BCSP hdr checksum [ 2864.169634] Bluetooth: Error in BCSP hdr checksum [ 2864.264387] Bluetooth: Error in BCSP hdr checksum [ 2864.269660] Bluetooth: Error in BCSP hdr checksum [ 2864.414167] Bluetooth: Error in BCSP hdr checksum [ 2864.419088] Bluetooth: Error in BCSP hdr checksum [ 2864.524176] Bluetooth: Error in BCSP hdr checksum [ 2864.529273] Bluetooth: Error in BCSP hdr checksum [ 2864.674261] Bluetooth: Error in BCSP hdr checksum [ 2864.679565] Bluetooth: Error in BCSP hdr checksum [ 2864.784259] Bluetooth: Error in BCSP hdr checksum [ 2864.789348] Bluetooth: Error in BCSP hdr checksum [ 2864.874037] Bluetooth: hci4 command 0x1009 tx timeout [ 2864.933966] Bluetooth: Error in BCSP hdr checksum [ 2864.939108] Bluetooth: Error in BCSP hdr checksum [ 2865.054347] Bluetooth: Error in BCSP hdr checksum [ 2865.059289] Bluetooth: Error in BCSP hdr checksum [ 2865.194236] Bluetooth: Error in BCSP hdr checksum [ 2865.199279] Bluetooth: Error in BCSP hdr checksum [ 2865.314229] Bluetooth: Error in BCSP hdr checksum [ 2865.319581] Bluetooth: Error in BCSP hdr checksum [ 2865.454288] Bluetooth: Error in BCSP hdr checksum [ 2865.459385] Bluetooth: Error in BCSP hdr checksum [ 2865.513822] Bluetooth: hci5 command 0x1009 tx timeout [ 2865.574285] Bluetooth: Error in BCSP hdr checksum [ 2865.579222] Bluetooth: Error in BCSP hdr checksum [ 2865.593795] Bluetooth: hci8 command 0x1009 tx timeout [ 2865.714033] Bluetooth: Error in BCSP hdr checksum [ 2865.719134] Bluetooth: Error in BCSP hdr checksum [ 2865.834438] Bluetooth: Error in BCSP hdr checksum [ 2865.839555] Bluetooth: Error in BCSP hdr checksum [ 2865.974020] Bluetooth: Error in BCSP hdr checksum [ 2865.978962] Bluetooth: Error in BCSP hdr checksum [ 2866.073785] Bluetooth: hci9 command 0x1009 tx timeout [ 2866.079226] Bluetooth: hci6 command 0x1009 tx timeout [ 2866.094119] Bluetooth: Error in BCSP hdr checksum [ 2866.099168] Bluetooth: Error in BCSP hdr checksum [ 2866.234330] Bluetooth: Error in BCSP hdr checksum [ 2866.239263] Bluetooth: Error in BCSP hdr checksum [ 2866.354297] Bluetooth: Error in BCSP hdr checksum [ 2866.359260] Bluetooth: Error in BCSP hdr checksum [ 2866.494191] Bluetooth: Error in BCSP hdr checksum [ 2866.499360] Bluetooth: Error in BCSP hdr checksum [ 2866.614107] Bluetooth: Error in BCSP hdr checksum [ 2866.619035] Bluetooth: Error in BCSP hdr checksum [ 2866.753923] Bluetooth: Error in BCSP hdr checksum [ 2866.759058] Bluetooth: Error in BCSP hdr checksum [ 2866.874531] Bluetooth: Error in BCSP hdr checksum [ 2866.879549] Bluetooth: Error in BCSP hdr checksum [ 2867.014099] Bluetooth: Error in BCSP hdr checksum [ 2867.019233] Bluetooth: Error in BCSP hdr checksum [ 2867.134127] Bluetooth: Error in BCSP hdr checksum [ 2867.139178] Bluetooth: Error in BCSP hdr checksum [ 2867.273925] Bluetooth: Error in BCSP hdr checksum [ 2867.279193] Bluetooth: Error in BCSP hdr checksum [ 2867.393940] Bluetooth: Error in BCSP hdr checksum [ 2867.399029] Bluetooth: Error in BCSP hdr checksum [ 2867.534000] Bluetooth: Error in BCSP hdr checksum [ 2867.538934] Bluetooth: Error in BCSP hdr checksum [ 2867.653989] Bluetooth: Error in BCSP hdr checksum [ 2867.659153] Bluetooth: Error in BCSP hdr checksum [ 2867.793885] Bluetooth: Error in BCSP hdr checksum [ 2867.798829] Bluetooth: Error in BCSP hdr checksum [ 2867.914015] Bluetooth: Error in BCSP hdr checksum [ 2867.919158] Bluetooth: Error in BCSP hdr checksum [ 2868.053968] Bluetooth: Error in BCSP hdr checksum [ 2868.059183] Bluetooth: Error in BCSP hdr checksum 18:46:15 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r3) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000000c0)=ANY=[@ANYBLOB="8ccc0210bec9bfb6143a22707a8ff0254000000055086406c712984600ca9645cb48f7b6d7df1040bdf1ce", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={r5}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={r5, 0x9}, 0x8) set_thread_area(&(0x7f0000000000)={0x10000, 0x100000, 0x1000, 0x1, 0x0, 0x1, 0x1, 0x1}) 18:46:15 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2868.182406] Bluetooth: Error in BCSP hdr checksum [ 2868.190012] Bluetooth: Error in BCSP hdr checksum [ 2868.212646] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 2868.228761] Bluetooth: Unknown HCI packet type 5e [ 2868.233933] Bluetooth: Unknown HCI packet type 00 [ 2868.242182] Bluetooth: Unknown HCI packet type 43 [ 2868.250927] minix_free_inode: bit 1 already cleared [ 2868.265261] Bluetooth: Unknown HCI packet type 5e [ 2868.281124] Bluetooth: Unknown HCI packet type 50 [ 2868.293051] Bluetooth: Unknown HCI packet type 5e [ 2868.306851] Bluetooth: Unknown HCI packet type 40 [ 2868.433762] Bluetooth: Error in BCSP hdr checksum [ 2868.438750] Bluetooth: Error in BCSP hdr checksum [ 2868.693862] Bluetooth: Error in BCSP hdr checksum [ 2868.698800] Bluetooth: Error in BCSP hdr checksum 18:46:15 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x20000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00'}) bind$packet(r3, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x2, 0x2, 0x401, 0x0, 0x0, {0x4, 0x0, 0x4}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xdb4}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x406}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0xffffffff}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_EXPECT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x4c1}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004014}, 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = fcntl$dupfd(r4, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 18:46:15 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(0x0, &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2868.871889] audit: type=1800 audit(1590777975.732:1327): pid=32551 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15829 res=0 [ 2868.887992] Bluetooth: Unknown HCI packet type 00 [ 2868.899662] Bluetooth: Unknown HCI packet type 5e [ 2868.907359] Bluetooth: Unknown HCI packet type 43 [ 2868.919372] Bluetooth: Unknown HCI packet type 5e [ 2868.930401] Bluetooth: Unknown HCI packet type 50 [ 2868.948166] Bluetooth: Unknown HCI packet type 5e [ 2868.954350] Bluetooth: Error in BCSP hdr checksum [ 2868.959606] Bluetooth: Error in BCSP hdr checksum [ 2868.969549] Bluetooth: Unknown HCI packet type 40 [ 2869.213780] Bluetooth: Error in BCSP hdr checksum [ 2869.218806] Bluetooth: Error in BCSP hdr checksum 18:46:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xe) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) r2 = accept4$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x80800) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x1) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000040)) ioctl$KDADDIO(r3, 0x4b34, 0x0) getsockopt$SO_TIMESTAMP(r2, 0x1, 0x40, &(0x7f0000000100), &(0x7f0000000140)=0x4) 18:46:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(0x0, &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2869.468371] audit: type=1800 audit(1590777976.332:1328): pid=32569 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15900 res=0 [ 2869.488931] Bluetooth: Error in BCSP hdr checksum [ 2869.501737] Bluetooth: Error in BCSP hdr checksum 18:46:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(0x0, &(0x7f0000000080)='./file0\x00', 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2869.641795] audit: type=1800 audit(1590777976.502:1329): pid=32585 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15900 res=0 [ 2869.743661] Bluetooth: Error in BCSP hdr checksum [ 2869.748829] Bluetooth: Error in BCSP hdr checksum 18:46:16 executing program 0 (fault-call:3 fault-nth:0): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)=0x3) 18:46:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', 0x0, 0x200000000, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x148) write$binfmt_elf64(r1, &(0x7f0000000ec0)=ANY=[], 0x471) openat$ptmx(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/ptmx\x00', 0x0, 0x0) sendfile(r1, r1, &(0x7f0000000480), 0xa198) [ 2870.007380] Bluetooth: Error in BCSP hdr checksum [ 2870.012345] Bluetooth: Error in BCSP hdr checksum [ 2870.052740] audit: type=1800 audit(1590777976.912:1330): pid=32599 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="file0" dev="sda1" ino=15900 res=0 [ 2870.083207] FAULT_INJECTION: forcing a failure. [ 2870.083207] name failslab, interval 1, probability 0, space 0, times 0 [ 2870.095358] kasan: CONFIG_KASAN_INLINE enabled [ 2870.100315] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 2870.108989] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 2870.115247] Modules linked in: [ 2870.118451] CPU: 1 PID: 21060 Comm: kworker/u4:1 Not tainted 4.14.182-syzkaller #0 [ 2870.126154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2870.135509] Workqueue: events_unbound flush_to_ldisc [ 2870.140602] task: ffff888054cd41c0 task.stack: ffff888052d70000 [ 2870.146654] RIP: 0010:skb_put+0x29/0x170 [ 2870.150695] RSP: 0018:ffff888052d77b98 EFLAGS: 00010202 [ 2870.156047] RAX: dffffc0000000000 RBX: ffff88808bea7a40 RCX: ffff88808a1e5540 [ 2870.163306] RDX: 000000000000001a RSI: 0000000000000001 RDI: 00000000000000d0 [ 2870.170566] RBP: 0000000000000000 R08: 0000000000007156 R09: ffffffff89e8d3f0 [ 2870.177822] R10: ffff888054cd4ae8 R11: ffff888054cd41c0 R12: 0000000000000001 [ 2870.185077] R13: ffff88808bea7a50 R14: 0000000000000001 R15: ffff88808fd90060 [ 2870.198606] FS: 0000000000000000(0000) GS:ffff8880aed00000(0000) knlGS:0000000000000000 [ 2870.206835] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2870.212702] CR2: 0000001b30f23000 CR3: 0000000091f10000 CR4: 00000000001406e0 [ 2870.219961] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2870.227219] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2870.234470] Call Trace: [ 2870.237073] ll_recv+0x4f5/0x1040 [ 2870.240516] hci_uart_tty_receive+0x1ec/0x4c0 [ 2870.245115] ? hci_uart_send_frame+0x3f0/0x3f0 [ 2870.249689] tty_ldisc_receive_buf+0x12e/0x170 [ 2870.254259] tty_port_default_receive_buf+0x6e/0xa0 [ 2870.259262] flush_to_ldisc+0x1dd/0x3f0 [ 2870.263230] process_one_work+0x7c0/0x14c0 [ 2870.267457] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 2870.272129] ? worker_thread+0x163/0x1080 [ 2870.276266] ? _raw_spin_unlock_irq+0x24/0x90 [ 2870.280760] worker_thread+0x5d7/0x1080 [ 2870.284833] ? process_one_work+0x14c0/0x14c0 [ 2870.289367] kthread+0x30d/0x420 [ 2870.292726] ? kthread_create_on_node+0xd0/0xd0 [ 2870.297506] ret_from_fork+0x24/0x30 [ 2870.301206] Code: 00 00 41 55 41 54 41 89 f4 55 48 89 fd 53 e8 5f 1b 61 fc 48 8d bd d0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 24 01 00 00 48 8d bd c8 00 00 00 4c 8b ad d0 [ 2870.320499] RIP: skb_put+0x29/0x170 RSP: ffff888052d77b98 [ 2870.333052] CPU: 1 PID: 32603 Comm: syz-executor.0 Tainted: G D 4.14.182-syzkaller #0 [ 2870.333472] Bluetooth: hci3 command 0x1003 tx timeout [ 2870.342180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2870.342184] Call Trace: [ 2870.342213] dump_stack+0x1b2/0x283 [ 2870.342230] should_fail.cold+0x10a/0x154 [ 2870.342246] should_failslab+0xd6/0x130 [ 2870.342256] kmem_cache_alloc_node+0x54/0x400 [ 2870.342266] __alloc_skb+0x9a/0x4c0 [ 2870.342279] ? __kmalloc_reserve.isra.0+0xd0/0xd0 [ 2870.370938] Bluetooth: hci3 sending frame failed (-49) [ 2870.371230] ? __ldsem_down_read_nested+0xc6/0x5d0 [ 2870.394316] ? selinux_inode_copy_up+0x180/0x180 [ 2870.399063] ll_recv+0x3d6/0x1040 [ 2870.402509] hci_uart_tty_receive+0x1ec/0x4c0 [ 2870.406992] ? hci_uart_send_frame+0x3f0/0x3f0 [ 2870.411566] tty_ioctl+0xd5f/0x1220 [ 2870.415179] ? tty_vhangup+0x30/0x30 [ 2870.418884] ? check_preemption_disabled+0x35/0x240 [ 2870.423916] ? tty_vhangup+0x30/0x30 [ 2870.427618] do_vfs_ioctl+0x75a/0xfe0 [ 2870.431407] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 2870.437026] ? ioctl_preallocate+0x1a0/0x1a0 [ 2870.441433] ? security_file_ioctl+0x76/0xb0 [ 2870.445833] ? security_file_ioctl+0x83/0xb0 [ 2870.450247] SyS_ioctl+0x7f/0xb0 [ 2870.453604] ? do_vfs_ioctl+0xfe0/0xfe0 [ 2870.457656] do_syscall_64+0x1d5/0x640 [ 2870.461537] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2870.466712] RIP: 0033:0x45ca69 [ 2870.469882] RSP: 002b:00007f8a0a12bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2870.477576] RAX: ffffffffffffffda RBX: 00000000004ef140 RCX: 000000000045ca69 [ 2870.484838] RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000003 [ 2870.492111] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2870.499366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2870.506619] R13: 000000000000058b R14: 00000000004c8452 R15: 00007f8a0a12c6d4 [ 2870.523047] Bluetooth: Can't allocate mem for new packet [ 2870.528744] ---[ end trace 5aa2c3c26bb9bf48 ]--- [ 2870.538564] Kernel panic - not syncing: Fatal exception [ 2870.545357] Kernel Offset: disabled [ 2870.548991] Rebooting in 86400 seconds..