[ 75.276592][ T24] audit: type=1800 audit(1564571058.547:30): pid=10135 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.183' (ECDSA) to the list of known hosts. 2019/07/31 11:04:26 fuzzer started 2019/07/31 11:04:30 dialing manager at 10.128.0.26:36235 2019/07/31 11:04:30 syscalls: 2484 2019/07/31 11:04:30 code coverage: enabled 2019/07/31 11:04:30 comparison tracing: enabled 2019/07/31 11:04:30 extra coverage: extra coverage is not supported by the kernel 2019/07/31 11:04:30 setuid sandbox: enabled 2019/07/31 11:04:30 namespace sandbox: enabled 2019/07/31 11:04:30 Android sandbox: /sys/fs/selinux/policy does not exist 2019/07/31 11:04:30 fault injection: enabled 2019/07/31 11:04:30 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/07/31 11:04:30 net packet injection: enabled 2019/07/31 11:04:30 net device setup: enabled 11:05:57 executing program 0: 11:05:57 executing program 1: syzkaller login: [ 174.021849][T10303] IPVS: ftp: loaded support on port[0] = 21 [ 174.158837][T10303] chnl_net:caif_netlink_parms(): no params data found [ 174.209960][T10303] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.218034][T10303] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.225964][T10303] device bridge_slave_0 entered promiscuous mode [ 174.234535][T10303] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.241790][T10303] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.250264][T10303] device bridge_slave_1 entered promiscuous mode [ 174.269271][T10306] IPVS: ftp: loaded support on port[0] = 21 [ 174.289379][T10303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.300429][T10303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 11:05:57 executing program 2: [ 174.328634][T10303] team0: Port device team_slave_0 added [ 174.338330][T10303] team0: Port device team_slave_1 added 11:05:57 executing program 3: [ 174.435273][T10303] device hsr_slave_0 entered promiscuous mode [ 174.473083][T10303] device hsr_slave_1 entered promiscuous mode [ 174.552634][T10308] IPVS: ftp: loaded support on port[0] = 21 [ 174.583092][T10303] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.590379][T10303] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.597987][T10303] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.605107][T10303] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.658907][T10310] IPVS: ftp: loaded support on port[0] = 21 11:05:58 executing program 4: [ 174.815556][T10306] chnl_net:caif_netlink_parms(): no params data found [ 174.834856][T10303] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.910000][T10303] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.935291][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 174.944494][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.963274][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.983330][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 11:05:58 executing program 5: [ 175.048121][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 175.061590][ T2881] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.068908][ T2881] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.077098][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 175.085646][ T2881] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.093313][ T2881] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.125217][T10308] chnl_net:caif_netlink_parms(): no params data found [ 175.161875][T10314] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 175.173036][T10314] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 175.191648][T10306] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.199048][T10306] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.207621][T10306] device bridge_slave_0 entered promiscuous mode [ 175.217390][T10306] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.224795][T10306] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.232725][T10306] device bridge_slave_1 entered promiscuous mode [ 175.259282][T10314] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 175.275414][T10317] IPVS: ftp: loaded support on port[0] = 21 [ 175.300980][T10310] chnl_net:caif_netlink_parms(): no params data found [ 175.309525][T10319] IPVS: ftp: loaded support on port[0] = 21 [ 175.317639][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 175.328380][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 175.339969][T10303] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 175.351177][T10303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 175.360934][T10306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 175.372890][T10306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 175.397944][T10308] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.405905][T10308] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.414170][T10308] device bridge_slave_0 entered promiscuous mode [ 175.424904][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 175.433833][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 175.465318][T10308] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.473843][T10308] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.481745][T10308] device bridge_slave_1 entered promiscuous mode [ 175.505280][T10308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 175.521812][T10306] team0: Port device team_slave_0 added [ 175.536044][T10308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 175.564315][T10306] team0: Port device team_slave_1 added [ 175.645339][T10306] device hsr_slave_0 entered promiscuous mode [ 175.682867][T10306] device hsr_slave_1 entered promiscuous mode [ 175.722652][T10306] debugfs: Directory 'hsr0' with parent '/' already present! [ 175.744714][T10310] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.751855][T10310] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.759684][T10310] device bridge_slave_0 entered promiscuous mode [ 175.773319][T10303] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 175.790137][T10306] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.797262][T10306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.817620][T10308] team0: Port device team_slave_0 added [ 175.824355][T10310] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.831424][T10310] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.839170][T10310] device bridge_slave_1 entered promiscuous mode [ 175.865417][T10308] team0: Port device team_slave_1 added [ 175.873052][T10310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 175.906808][T10310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 175.927911][T10310] team0: Port device team_slave_0 added [ 175.956066][T10310] team0: Port device team_slave_1 added [ 175.995805][T10308] device hsr_slave_0 entered promiscuous mode [ 176.033355][T10308] device hsr_slave_1 entered promiscuous mode [ 176.072725][T10308] debugfs: Directory 'hsr0' with parent '/' already present! 11:05:59 executing program 0: r0 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000001200)={0x0, 0x5}) 11:05:59 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$int_in(r0, 0x0, 0x0) 11:05:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x540d, 0x0) [ 176.235169][T10310] device hsr_slave_0 entered promiscuous mode 11:05:59 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x802}) ioctl$TUNSETOFFLOAD(r0, 0x800454dd, 0x0) [ 176.283192][T10310] device hsr_slave_1 entered promiscuous mode [ 176.322711][T10310] debugfs: Directory 'hsr0' with parent '/' already present! [ 176.333914][T10314] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.369591][T10319] chnl_net:caif_netlink_parms(): no params data found [ 176.405078][T10317] chnl_net:caif_netlink_parms(): no params data found [ 176.468789][T10319] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.476087][T10319] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.484525][T10319] device bridge_slave_0 entered promiscuous mode [ 176.492066][T10319] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.499250][T10319] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.507390][T10319] device bridge_slave_1 entered promiscuous mode [ 176.538743][T10317] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.554821][T10317] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.563032][T10317] device bridge_slave_0 entered promiscuous mode [ 176.572246][T10306] 8021q: adding VLAN 0 to HW filter on device bond0 11:05:59 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x802}) ioctl$TUNSETOFFLOAD(r0, 0x800454dd, 0x0) [ 176.591346][T10319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.601557][T10317] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.611805][T10317] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.627759][T10317] device bridge_slave_1 entered promiscuous mode [ 176.647521][T10306] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.659825][T10319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.673807][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 176.681634][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 176.708521][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 176.717458][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 176.726163][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.733246][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.740856][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 176.749675][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 176.758162][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.765240][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.787351][T10317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.798666][T10317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.812106][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 176.828033][T10319] team0: Port device team_slave_0 added 11:06:00 executing program 0: pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000240)='./file0\x00', 0x0) write$P9_RVERSION(r1, &(0x7f0000000340)={0x15, 0x65, 0xffff, 0x8001, 0x8, '9P2000.L'}, 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x26f) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',dfltgid=', @ANYRESHEX=0x0]) [ 176.857518][T10317] team0: Port device team_slave_0 added [ 176.867749][T10319] team0: Port device team_slave_1 added [ 176.894597][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 176.912259][T10349] FS-Cache: Duplicate cookie detected [ 176.914039][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 176.918060][T10349] FS-Cache: O-cookie c=000000000d8cedc6 [p=0000000055d7a7c3 fl=222 nc=0 na=1] [ 176.926905][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 176.934593][T10349] FS-Cache: O-cookie d=00000000728ab6c2 n=000000008a2c77b7 [ 176.934609][T10349] FS-Cache: O-key=[10] '34323934393534373631' [ 176.943151][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 176.949656][T10349] FS-Cache: N-cookie c=00000000defec7f2 [p=0000000055d7a7c3 fl=2 nc=0 na=1] [ 176.956461][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 176.963636][T10349] FS-Cache: N-cookie d=00000000728ab6c2 n=0000000067f4955e [ 176.963651][T10349] FS-Cache: N-key=[10] '34323934393534373631' [ 176.973048][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 177.000770][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready 11:06:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) [ 177.018898][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 177.027408][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 177.037655][T10306] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 177.047623][T10317] team0: Port device team_slave_1 added [ 177.070453][T10308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.078021][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 177.105492][T10310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.154840][T10319] device hsr_slave_0 entered promiscuous mode [ 177.193067][T10319] device hsr_slave_1 entered promiscuous mode [ 177.244846][T10319] debugfs: Directory 'hsr0' with parent '/' already present! [ 177.258645][T10308] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.315212][T10317] device hsr_slave_0 entered promiscuous mode [ 177.330839][ T24] audit: type=1326 audit(1564571160.617:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10351 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 177.353469][T10317] device hsr_slave_1 entered promiscuous mode [ 177.382764][T10317] debugfs: Directory 'hsr0' with parent '/' already present! [ 177.391871][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 177.399657][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 177.422074][T10310] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.436498][T10306] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 177.445328][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 177.456760][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 177.465344][ T2881] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.472405][ T2881] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.480090][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 177.488751][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 177.497103][ T2881] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.504185][ T2881] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.511821][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 177.519573][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 177.527165][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 177.535932][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 177.544727][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 177.553239][ T2881] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.560280][ T2881] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.568255][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 177.576119][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 177.602689][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 177.611532][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 177.620392][ T3209] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.627544][ T3209] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.635798][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 177.644566][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 177.653455][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 177.661883][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 177.670324][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 177.678774][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 177.687175][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 177.695396][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 177.721703][T10310] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 177.734143][T10310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 177.742467][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 177.757148][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 177.766762][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 177.775332][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 177.783990][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 177.792753][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 177.801150][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 177.809999][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 177.818385][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 177.826703][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 177.835432][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 177.858815][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 177.867878][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 177.878660][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 177.895892][T10310] 8021q: adding VLAN 0 to HW filter on device batadv0 11:06:01 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 177.977005][T10308] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 178.001683][T10317] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.033845][T10319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.059383][T10317] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.069169][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 178.085144][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 178.096640][T10369] hfs: can't find a HFS filesystem on dev loop1 [ 178.111162][T10319] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.131318][ T24] audit: type=1326 audit(1564571161.417:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10351 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 178.147532][T10317] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 178.164270][T10317] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 178.178549][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 178.195463][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 178.205021][T10374] hfs: can't find a HFS filesystem on dev loop1 [ 178.223239][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 178.231757][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 178.240381][ T3209] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.247503][ T3209] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.255710][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 178.264600][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 178.273493][ T3209] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.289120][ T3209] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.297127][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 178.305783][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 178.315786][ T3209] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.322868][ T3209] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.330624][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 178.340143][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 178.349095][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 178.357737][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 178.366633][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 178.375618][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 178.384525][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 178.392958][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 178.401557][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 178.410320][ T3209] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 178.439304][T10317] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 178.478416][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 178.500138][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 178.520293][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 178.543505][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 178.551212][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 178.560257][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 178.568870][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.576005][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.584792][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 178.593546][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 178.601971][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 178.610586][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 178.627301][T10319] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network 11:06:01 executing program 2: 11:06:01 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) [ 178.648182][T10319] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 178.678021][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 178.686745][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 178.696238][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 178.708088][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 178.716921][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 178.726426][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 178.735223][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 178.753334][T10346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 178.768054][ T24] audit: type=1326 audit(1564571162.047:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10391 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 178.788301][T10319] 8021q: adding VLAN 0 to HW filter on device batadv0 11:06:02 executing program 4: 11:06:02 executing program 5: 11:06:02 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:02 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:02 executing program 2: 11:06:02 executing program 4: 11:06:02 executing program 2: [ 179.036360][ T24] audit: type=1326 audit(1564571162.327:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10408 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:02 executing program 4: [ 179.078154][T10412] hfs: can't find a HFS filesystem on dev loop1 11:06:02 executing program 5: 11:06:02 executing program 2: 11:06:02 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 179.320495][T10430] hfs: can't find a HFS filesystem on dev loop1 11:06:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:02 executing program 5: 11:06:02 executing program 4: 11:06:02 executing program 2: [ 179.580935][ T24] audit: type=1326 audit(1564571162.867:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10439 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:03 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:03 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:03 executing program 5: 11:06:03 executing program 4: 11:06:03 executing program 2: 11:06:03 executing program 5: 11:06:03 executing program 2: 11:06:03 executing program 4: [ 179.926189][T10450] hfs: can't find a HFS filesystem on dev loop1 [ 179.984233][ T24] audit: type=1326 audit(1564571163.277:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10456 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:03 executing program 2: 11:06:03 executing program 5: 11:06:03 executing program 4: [ 180.455135][ T24] audit: type=1326 audit(1564571163.747:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:04 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:04 executing program 2: 11:06:04 executing program 5: 11:06:04 executing program 4: 11:06:04 executing program 2: 11:06:04 executing program 5: 11:06:04 executing program 4: [ 180.806155][T10483] hfs: can't find a HFS filesystem on dev loop1 [ 180.888712][ T24] audit: type=1326 audit(1564571164.177:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10488 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:04 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8004700b, 0x0) 11:06:04 executing program 2: 11:06:04 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:04 executing program 4: [ 181.301785][T10500] hfs: can't find a HFS filesystem on dev loop1 [ 181.316336][ T24] audit: type=1326 audit(1564571164.607:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10502 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) dup2(r0, r0) 11:06:04 executing program 5: 11:06:04 executing program 4: 11:06:04 executing program 2: 11:06:04 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:05 executing program 5: 11:06:05 executing program 2: 11:06:05 executing program 4: [ 181.754798][ T24] audit: type=1326 audit(1564571165.047:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10517 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 181.782670][T10514] hfs: can't find a HFS filesystem on dev loop1 11:06:05 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8004700b, 0x0) 11:06:05 executing program 5: 11:06:05 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:05 executing program 2: [ 182.142597][T10533] hfs: can't find a HFS filesystem on dev loop1 11:06:05 executing program 5: 11:06:05 executing program 4: 11:06:05 executing program 2: 11:06:05 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) 11:06:05 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:05 executing program 5: 11:06:05 executing program 2: [ 182.610260][T10548] hfs: can't find a HFS filesystem on dev loop1 11:06:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 182.650479][ T24] kauditd_printk_skb: 1 callbacks suppressed [ 182.650492][ T24] audit: type=1326 audit(1564571165.937:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10552 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 182.795565][T10560] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 11:06:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000080)) 11:06:06 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8004700b, 0x0) 11:06:06 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 183.062024][T10569] hfs: can't find a HFS filesystem on dev loop1 [ 183.116472][ T24] audit: type=1326 audit(1564571166.407:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10576 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe1000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7d, 0x0, [0x488], [0xc1]}) 11:06:06 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 183.307168][T10586] hfs: can't find a HFS filesystem on dev loop1 11:06:06 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) 11:06:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x12, 0xfffffffffffffffd], [0xc1]}) 11:06:06 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 183.559334][ T24] audit: type=1326 audit(1564571166.847:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10602 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 183.583881][T10598] kvm [10596]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 [ 183.599312][T10606] hfs: can't find a HFS filesystem on dev loop1 11:06:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x12, 0xfffffffffffffffd], [0xc1]}) [ 183.832092][T10617] kvm [10616]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 11:06:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:07 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:07 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) [ 183.983835][T10624] hfs: can't find a HFS filesystem on dev loop1 11:06:07 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) 11:06:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:07 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:07 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 184.428207][ T24] audit: type=1326 audit(1564571167.717:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10650 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) [ 184.469812][T10649] hfs: can't find a HFS filesystem on dev loop1 11:06:07 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 184.828315][ T24] audit: type=1326 audit(1564571168.117:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10671 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 184.860923][T10674] hfs: can't find a HFS filesystem on dev loop1 11:06:08 executing program 3: seccomp(0x0, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) 11:06:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:08 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:08 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) [ 185.286249][T10683] hfs: can't find a HFS filesystem on dev loop1 11:06:08 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:08 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:08 executing program 3: seccomp(0x0, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) 11:06:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 185.578599][T10709] hfs: can't find a HFS filesystem on dev loop1 11:06:08 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:08 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:08 executing program 3: seccomp(0x0, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) 11:06:08 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:08 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:09 executing program 3: seccomp(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) 11:06:09 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) [ 185.783850][T10727] hfs: can't find a HFS filesystem on dev loop1 11:06:09 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 185.823102][ T24] audit: type=1326 audit(1564571169.107:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10726 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:09 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:09 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) [ 185.934694][ T24] audit: type=1326 audit(1564571169.217:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10737 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:09 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:09 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) [ 186.061167][T10751] hfs: can't find a HFS filesystem on dev loop1 11:06:09 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:09 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)) syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:09 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 186.635161][T10771] hfs: can't find a HFS filesystem on dev loop1 [ 186.644660][ T24] audit: type=1326 audit(1564571169.937:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10775 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:10 executing program 3: seccomp(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) 11:06:10 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:10 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:10 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)) syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 186.819396][ T24] audit: type=1326 audit(1564571170.107:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10789 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:10 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 186.881680][T10791] hfs: can't find a HFS filesystem on dev loop1 11:06:10 executing program 0: close(0xffffffffffffffff) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$RTC_IRQP_READ(r0, 0x8004700b, 0x0) 11:06:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)) syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 187.501307][T10810] hfs: can't find a HFS filesystem on dev loop1 [ 187.510853][ T24] audit: type=1326 audit(1564571170.797:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10815 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:10 executing program 3: seccomp(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) 11:06:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:10 executing program 5: mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0b") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:11 executing program 5: mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:11 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:11 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 187.710231][ T24] audit: type=1326 audit(1564571170.997:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10826 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 187.735821][T10832] hfs: can't find a HFS filesystem on dev loop1 11:06:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0b") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 187.968031][T10847] hfs: can't find a HFS filesystem on dev loop1 11:06:11 executing program 0: close(0xffffffffffffffff) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$RTC_IRQP_READ(r0, 0x8004700b, 0x0) 11:06:11 executing program 5: mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:11 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) [ 188.341298][ T24] audit: type=1326 audit(1564571171.627:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10857 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:11 executing program 3: seccomp(0x1, 0xa, 0x0) 11:06:11 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0b") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:11 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:11 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:11 executing program 3: seccomp(0x1, 0xa, 0x0) 11:06:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) [ 188.566157][T10871] hfs: can't find a HFS filesystem on dev loop1 11:06:12 executing program 0: close(0xffffffffffffffff) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$RTC_IRQP_READ(r0, 0x8004700b, 0x0) 11:06:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:12 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47b") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:12 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:12 executing program 3: seccomp(0x1, 0xa, 0x0) 11:06:12 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0}) 11:06:12 executing program 5: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) [ 189.225550][T10903] hfs: can't find a HFS filesystem on dev loop1 [ 189.241093][ T24] audit: type=1326 audit(1564571172.527:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10905 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:12 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47b") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:12 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0}) [ 189.498870][T10923] hfs: can't find a HFS filesystem on dev loop1 11:06:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:13 executing program 5: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:13 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(0xffffffffffffffff) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47b") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:13 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0}) 11:06:13 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, &(0x7f0000000200)}) 11:06:13 executing program 5: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) [ 190.125031][ T24] audit: type=1326 audit(1564571173.417:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10943 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 190.192609][T10937] hfs: can't find a HFS filesystem on dev loop1 11:06:13 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:13 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, &(0x7f0000000200)}) 11:06:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf0") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 190.535647][T10975] hfs: can't find a HFS filesystem on dev loop1 11:06:14 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(0xffffffffffffffff) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:14 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:14 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, &(0x7f0000000200)}) 11:06:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:14 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf0") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:14 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{}]}) 11:06:14 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) [ 190.977080][T10992] hfs: can't find a HFS filesystem on dev loop1 11:06:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) [ 191.012614][ T24] audit: type=1326 audit(1564571174.297:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10996 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) 11:06:14 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf0") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:14 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) [ 191.251463][T11015] hfs: can't find a HFS filesystem on dev loop1 11:06:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(0xffffffffffffffff) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:15 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{}]}) 11:06:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) 11:06:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) 11:06:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(0x0, &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:15 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:15 executing program 3: seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{}]}) [ 191.856589][ T24] audit: type=1326 audit(1564571175.147:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11038 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:15 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) 11:06:15 executing program 3: io_setup(0x0, 0x0) listen(0xffffffffffffffff, 0x0) ioctl$IMGETVERSION(0xffffffffffffffff, 0x80044942, 0x0) write$P9_RXATTRWALK(0xffffffffffffffff, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x4902}) 11:06:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) 11:06:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(0x0, &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) [ 192.098598][ C1] hrtimer: interrupt took 26381 ns 11:06:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x0, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:15 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x10, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:15 executing program 3: io_setup(0x0, 0x0) listen(0xffffffffffffffff, 0x0) ioctl$IMGETVERSION(0xffffffffffffffff, 0x80044942, 0x0) write$P9_RXATTRWALK(0xffffffffffffffff, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x4902}) 11:06:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(0x0, &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x0, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:16 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x10, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:16 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) socket$alg(0x26, 0x5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) socket$inet6(0xa, 0x9, 0x7fc) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = getpgrp(0xffffffffffffffff) sched_setaffinity(r2, 0xfffffffffffffff1, &(0x7f0000000380)=0x7) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000240)={'batadv0\x00', @local}) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffeb3) socket$inet6(0xa, 0x2, 0x4b2e) ioctl(r3, 0x10001, &(0x7f0000000100)="153f6234488dd25d766070") socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff}) r6 = socket(0xa, 0x3, 0x8) r7 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000800)=0x0) ioctl$sock_FIOSETOWN(r5, 0x8901, &(0x7f0000000200)=r8) ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) ioctl$RTC_WKALM_RD(r7, 0x80287010, &(0x7f00000002c0)) r9 = memfd_create(&(0x7f0000000140)='bridge0\x00\x00\x01\x00', 0x1) write$binfmt_misc(r5, &(0x7f0000000c40)=ANY=[], 0x0) close(r4) r10 = dup3(r1, r9, 0x10000) setsockopt$inet_sctp_SCTP_EVENTS(r10, 0x84, 0xb, &(0x7f0000000280)={0x7fff, 0x1, 0x40, 0x7, 0x1f, 0x6, 0x100000000, 0x8001, 0x7d, 0x2, 0x86}, 0xb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x10002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysinfo(&(0x7f0000000480)=""/125) ioctl$VIDIOC_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000500)) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=@ipv4_newrule={0x2c, 0x20, 0xf29, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc}]}, 0x2c}}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="0201000210000000000006f6fffffc000000000000800000000000e000000100000000000094f40337ff6b4ed6cd69675e973e00003500bb7a7a2d00000000000000ff0000000058d52a000000bb00000000eeff48f89f48a0d44b9e8238ce8005ffff03003b00000000000000400000000000000000000000002000d40470c90b2bc791a93d1260cfcb71b779839a8713564f074461669c16c64aedc3c25152e01a8ce5141e33580d608bf181e9f9d2e98e88e508f32571efa7ae4630fc30eca5a3769370b5f39e26fec23cee7a88cbab031bc46152f2d641111831049f114b8c3f883277005a951410a3be0afc0f89d3720d601d1ec2105ca05dbfabfe9211efe41ff7fe51d88e12fba7ed5e68a2aafdc2fda1ba8eae74c39f94a4b8715a9eb39ea43c8e66fc81aa9aaf2dc65d95fc786f060c2fa51bbe3b71ea4f3c41b7b115b79c99ff1e52df15ffca2b3f706cfbc4689be85b89754f0c8362eace47a89b5c5a47494501bd6f5426b07bbbed743820d140f6405cbc814220995711024a715bdebe23de0a241310f73e66f94fbcef480d576c1482d9cb27f51ae442981411fb99338addb01e939668779db076af969a0a71f5207924326bbd01341c1a722f1cd1748798e56f49993cb4000000000000"], 0xdf}}, 0x0) 11:06:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x0, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:16 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x10, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x4000009f, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x4000009f, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:16 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff], [0xc1]}) [ 193.303272][T11128] bridge0: port 3(gretap0) entered blocking state 11:06:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0], [0xc1]}) [ 193.392104][T11128] bridge0: port 3(gretap0) entered disabled state [ 193.412293][ T24] audit: type=1326 audit(1564571176.697:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11130 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 193.454178][T11128] device gretap0 entered promiscuous mode [ 193.460579][T11128] bridge0: port 3(gretap0) entered blocking state [ 193.467102][T11128] bridge0: port 3(gretap0) entered forwarding state 11:06:16 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) [ 193.497137][T11143] kvm [11139]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 [ 193.528024][T11146] kvm [11142]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 11:06:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0], [0xc1]}) 11:06:17 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) socket$alg(0x26, 0x5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) socket$inet6(0xa, 0x9, 0x7fc) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = getpgrp(0xffffffffffffffff) sched_setaffinity(r2, 0xfffffffffffffff1, &(0x7f0000000380)=0x7) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000240)={'batadv0\x00', @local}) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffeb3) socket$inet6(0xa, 0x2, 0x4b2e) ioctl(r3, 0x10001, &(0x7f0000000100)="153f6234488dd25d766070") socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff}) r6 = socket(0xa, 0x3, 0x8) r7 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000800)=0x0) ioctl$sock_FIOSETOWN(r5, 0x8901, &(0x7f0000000200)=r8) ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) ioctl$RTC_WKALM_RD(r7, 0x80287010, &(0x7f00000002c0)) r9 = memfd_create(&(0x7f0000000140)='bridge0\x00\x00\x01\x00', 0x1) write$binfmt_misc(r5, &(0x7f0000000c40)=ANY=[], 0x0) close(r4) r10 = dup3(r1, r9, 0x10000) setsockopt$inet_sctp_SCTP_EVENTS(r10, 0x84, 0xb, &(0x7f0000000280)={0x7fff, 0x1, 0x40, 0x7, 0x1f, 0x6, 0x100000000, 0x8001, 0x7d, 0x2, 0x86}, 0xb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x10002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysinfo(&(0x7f0000000480)=""/125) ioctl$VIDIOC_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000500)) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=@ipv4_newrule={0x2c, 0x20, 0xf29, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc}]}, 0x2c}}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="0201000210000000000006f6fffffc000000000000800000000000e000000100000000000094f40337ff6b4ed6cd69675e973e00003500bb7a7a2d00000000000000ff0000000058d52a000000bb00000000eeff48f89f48a0d44b9e8238ce8005ffff03003b00000000000000400000000000000000000000002000d40470c90b2bc791a93d1260cfcb71b779839a8713564f074461669c16c64aedc3c25152e01a8ce5141e33580d608bf181e9f9d2e98e88e508f32571efa7ae4630fc30eca5a3769370b5f39e26fec23cee7a88cbab031bc46152f2d641111831049f114b8c3f883277005a951410a3be0afc0f89d3720d601d1ec2105ca05dbfabfe9211efe41ff7fe51d88e12fba7ed5e68a2aafdc2fda1ba8eae74c39f94a4b8715a9eb39ea43c8e66fc81aa9aaf2dc65d95fc786f060c2fa51bbe3b71ea4f3c41b7b115b79c99ff1e52df15ffca2b3f706cfbc4689be85b89754f0c8362eace47a89b5c5a47494501bd6f5426b07bbbed743820d140f6405cbc814220995711024a715bdebe23de0a241310f73e66f94fbcef480d576c1482d9cb27f51ae442981411fb99338addb01e939668779db076af969a0a71f5207924326bbd01341c1a722f1cd1748798e56f49993cb4000000000000"], 0xdf}}, 0x0) [ 193.761466][T11156] kvm [11155]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 11:06:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)={[{@file_umask={'file_umask'}}]}) 11:06:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff], [0xc1]}) 11:06:17 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x4d0], [0xc1]}) 11:06:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x2ff], [0xc1]}) [ 193.856061][T11160] kvm [11159]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 [ 193.984059][T11171] kvm [11170]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 [ 194.018431][T11174] kvm [11172]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 11:06:17 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 11:06:17 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x0, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x0, 0xfffffffffffffffd], [0xc1]}) 11:06:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x0, 0xfffffffffffffffd], [0xc1]}) 11:06:17 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) socket$alg(0x26, 0x5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) socket$inet6(0xa, 0x9, 0x7fc) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = getpgrp(0xffffffffffffffff) sched_setaffinity(r2, 0xfffffffffffffff1, &(0x7f0000000380)=0x7) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000240)={'batadv0\x00', @local}) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffeb3) socket$inet6(0xa, 0x2, 0x4b2e) ioctl(r3, 0x10001, &(0x7f0000000100)="153f6234488dd25d766070") socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff}) r6 = socket(0xa, 0x3, 0x8) r7 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000800)=0x0) ioctl$sock_FIOSETOWN(r5, 0x8901, &(0x7f0000000200)=r8) ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) ioctl$RTC_WKALM_RD(r7, 0x80287010, &(0x7f00000002c0)) r9 = memfd_create(&(0x7f0000000140)='bridge0\x00\x00\x01\x00', 0x1) write$binfmt_misc(r5, &(0x7f0000000c40)=ANY=[], 0x0) close(r4) r10 = dup3(r1, r9, 0x10000) setsockopt$inet_sctp_SCTP_EVENTS(r10, 0x84, 0xb, &(0x7f0000000280)={0x7fff, 0x1, 0x40, 0x7, 0x1f, 0x6, 0x100000000, 0x8001, 0x7d, 0x2, 0x86}, 0xb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x10002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysinfo(&(0x7f0000000480)=""/125) ioctl$VIDIOC_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000500)) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=@ipv4_newrule={0x2c, 0x20, 0xf29, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc}]}, 0x2c}}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="0201000210000000000006f6fffffc000000000000800000000000e000000100000000000094f40337ff6b4ed6cd69675e973e00003500bb7a7a2d00000000000000ff0000000058d52a000000bb00000000eeff48f89f48a0d44b9e8238ce8005ffff03003b00000000000000400000000000000000000000002000d40470c90b2bc791a93d1260cfcb71b779839a8713564f074461669c16c64aedc3c25152e01a8ce5141e33580d608bf181e9f9d2e98e88e508f32571efa7ae4630fc30eca5a3769370b5f39e26fec23cee7a88cbab031bc46152f2d641111831049f114b8c3f883277005a951410a3be0afc0f89d3720d601d1ec2105ca05dbfabfe9211efe41ff7fe51d88e12fba7ed5e68a2aafdc2fda1ba8eae74c39f94a4b8715a9eb39ea43c8e66fc81aa9aaf2dc65d95fc786f060c2fa51bbe3b71ea4f3c41b7b115b79c99ff1e52df15ffca2b3f706cfbc4689be85b89754f0c8362eace47a89b5c5a47494501bd6f5426b07bbbed743820d140f6405cbc814220995711024a715bdebe23de0a241310f73e66f94fbcef480d576c1482d9cb27f51ae442981411fb99338addb01e939668779db076af969a0a71f5207924326bbd01341c1a722f1cd1748798e56f49993cb4000000000000"], 0xdf}}, 0x0) [ 194.248972][T11186] hfs: can't find a HFS filesystem on dev loop1 11:06:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x0, 0xfffffffffffffffd], [0xc1]}) [ 194.300501][ T24] audit: type=1326 audit(1564571177.587:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11190 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:17 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x0, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x0, 0xfffffffffffffffd], [0xc1]}) 11:06:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 11:06:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x0, 0xfffffffffffffffd], [0xc1]}) 11:06:17 executing program 3: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000040)) [ 194.660199][T11210] hfs: can't find a HFS filesystem on dev loop1 11:06:18 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:18 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x0, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000) 11:06:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x0, 0xfffffffffffffffd], [0xc1]}) 11:06:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x0, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) 11:06:18 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 11:06:18 executing program 3: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000240)="39000000130009006900000000000000ab008048080000004600010700000014190001c010000000000003f5000000000000ef38bf461e59d7", 0x39}], 0x1) [ 195.121181][ T24] audit: type=1326 audit(1564571178.407:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11234 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x0, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x0, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 195.178607][T11227] hfs: can't find a HFS filesystem on dev loop1 11:06:18 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, 0x0, &(0x7f0000000100)) 11:06:18 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)) 11:06:18 executing program 3: r0 = socket$inet6(0xa, 0x201000000000002, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendto$inet6(r0, 0x0, 0x0, 0x8000, &(0x7f0000000080)={0xa, 0x45, 0x0, @mcast2}, 0x1c) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="7f45"], 0x2) 11:06:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x0, 0x0, 0x2ff, 0xfffffffffffffffd], [0xc1]}) [ 195.471107][T11254] hfs: can't find a HFS filesystem on dev loop1 11:06:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, 0x0) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x0, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:19 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, 0x0, &(0x7f0000000100)) 11:06:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:19 executing program 4: r0 = socket$kcm(0x10, 0x3, 0x0) r1 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$MAP_CREATE(0x0, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0000001c008105e00f80ecdb4cb9f207c804a01a000000480004000a0002000a0ada1b40d805000300c50083b8", 0x2e}], 0x1}, 0x0) 11:06:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)) [ 195.991077][T11273] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'. [ 195.993024][T11275] hfs: can't find a HFS filesystem on dev loop1 11:06:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, 0x0) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:19 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, 0x0, &(0x7f0000000100)) [ 196.080656][T11284] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'. 11:06:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x0, 0x0, 0x4d0, 0xfffffffffffffffd], [0xc1]}) 11:06:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000240)="11dca50d5e0bcfe47bf070") syz_mount_image$hfs(&(0x7f0000003080)='hfs\x00', &(0x7f00000030c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003200)) 11:06:19 executing program 4: r0 = socket$kcm(0x10, 0x3, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) r2 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0xbf9) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0000001c008105e00f80ecdb4cb9f207c804a01a000000480004000a0002000a0ada1b40d805000300c50083b8", 0x2e}], 0x1}, 0x0) 11:06:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, 0x0) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:19 executing program 2: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r1 = gettid() timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r1}, &(0x7f0000044000)) read(r0, &(0x7f00000000c0)=""/240, 0xf0) timer_settime(0x0, 0x1, &(0x7f00009c8000)={{}, {0x0, 0x9}}, 0x0) [ 196.302280][T11299] hfs: can't find a HFS filesystem on dev loop1 11:06:19 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, 0x0) 11:06:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) [ 196.408721][T11303] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'. 11:06:19 executing program 1: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) r1 = gettid() timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r1}, &(0x7f0000044000)) read(r0, &(0x7f00000000c0)=""/240, 0xf0) timer_settime(0x0, 0x1, &(0x7f00009c8000)={{}, {0x0, 0x9}}, 0x0) 11:06:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) [ 196.521286][T11316] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'. 11:06:19 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, 0x0) 11:06:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:20 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000680)=ANY=[@ANYBLOB="0100010000000000010000000100000002"]) 11:06:20 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:20 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4000000000002, 0x4000020032, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x4, &(0x7f00000020c0)=""/4096, 0x0) 11:06:20 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:22 executing program 2: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r1 = gettid() timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r1}, &(0x7f0000044000)) read(r0, &(0x7f00000000c0)=""/240, 0xf0) timer_settime(0x0, 0x1, &(0x7f00009c8000)={{}, {0x0, 0x9}}, 0x0) 11:06:22 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@migrate={0xac, 0x21, 0xc21, 0x0, 0x0, {{@in=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a0ffffffff}}, [@migrate={0x5c, 0x11, [{@in=@multicast2, @in6=@local}, {@in=@multicast2, @in6=@mcast2}]}]}, 0xac}}, 0x0) 11:06:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, &(0x7f0000000200)}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:22 executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) shutdown(r0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) 11:06:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:22 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='ceph.', 0x0, 0x0) 11:06:22 executing program 4: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) getsockopt$netrom_NETROM_T2(r0, 0x103, 0x3, 0x0, &(0x7f0000000040)) 11:06:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, &(0x7f0000000200)}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:22 executing program 4: r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000300)=[@increfs_done={0x40046304}], 0x0, 0x0, 0x0}) 11:06:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:22 executing program 5: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x2}) 11:06:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x0, &(0x7f0000000200)}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) [ 199.745200][T11380] binder: 11376:11380 unknown command 0 [ 199.752124][T11380] binder: 11376:11380 ioctl c0306201 20000080 returned -22 [ 199.793107][T11383] binder: 11376:11383 unknown command 0 [ 199.819002][T11383] binder: 11376:11383 ioctl c0306201 20000080 returned -22 11:06:25 executing program 2: 11:06:25 executing program 1: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000040)=ANY=[@ANYBLOB='[d::]:'], &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='ceph\x00', 0x0, 0x0) 11:06:25 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:25 executing program 4: 11:06:25 executing program 5: 11:06:25 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:25 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:25 executing program 5: 11:06:25 executing program 4: 11:06:25 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) [ 202.619207][ T2881] libceph: connect (1)[d::]:6789 error -101 [ 202.634728][ T2881] libceph: mon0 (1)[d::]:6789 connect error 11:06:26 executing program 2: 11:06:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{}]}) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:26 executing program 5: 11:06:26 executing program 1: 11:06:26 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:26 executing program 4: 11:06:26 executing program 2: 11:06:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(0xffffffffffffffff, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:26 executing program 5: [ 203.360373][T11430] ceph: Failed to create client [ 203.372874][ T5] libceph: connect (1)[d::]:6789 error -101 [ 203.378835][ T5] libceph: mon0 (1)[d::]:6789 connect error 11:06:26 executing program 2: 11:06:26 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f00000002c0)=[{&(0x7f0000000100)="2b0f6e66142927108ecc60ed31e68814ee0b833da177dd3600816fbeba9c699983d600954ee37e9753c8344b9b48ac3c7fc5547bfc5b69656d78f9c8474bcb28c731f3336590092a952e904faab98fae66246b1720ebf272e42df79febe72245c0a922be196281640213b7616b425ceddf46c8bd782c57a6432e382a44b5d0e2bcedec2eb9a04e6bcbcb66c632a5abd0d6b02f72de6f110bbb6b3fc5a87c9fd8da13aac8f6a7cae97968032788f2206e73ddbfb7aec32577f63059175a83bf", 0xbf, 0x100}]) syz_read_part_table(0x0, 0x8ab7f30805c3de4, &(0x7f0000000080)=[{&(0x7f0000000000)="02000f00000001000000ff07000000000000000000000000000000000000000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) 11:06:26 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:26 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x2000000000, 0x460, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 11:06:26 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000000c0)={0xfffffffffbfffffb, 0x101}, 0x8) close(r0) [ 203.494082][ T24] audit: type=1326 audit(1564571186.787:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11435 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 [ 203.554510][T11443] Dev loop4: unable to read RDB block 1 [ 203.594460][T11443] loop4: unable to read partition table 11:06:26 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:26 executing program 2: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2000000802, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@loopback, 0x0, 0x0, 0xff, 0x1}, 0x20) [ 203.641160][T11443] loop4: partition table beyond EOD, truncated [ 203.678734][T11443] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 11:06:27 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:27 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) [ 203.816388][T11443] Dev loop4: unable to read RDB block 1 [ 203.845618][T11443] loop4: unable to read partition table 11:06:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) [ 203.867611][T11443] loop4: partition table beyond EOD, truncated [ 203.908972][T11443] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 11:06:27 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(0xffffffffffffffff, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:27 executing program 2: r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000240)={0x74b9119e, 0x2, 0x5, 0x8, 0x7, "66a2ec4a16f20576a442619a27ddfbc92bfd9d", 0x7fffffff, 0x3}) perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000100)=0x7, 0x4) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x48, &(0x7f0000000140)=[@in={0x2, 0x4e20, @rand_addr=0x64}, @in6={0xa, 0x4e23, 0x0, @dev, 0x1ff}, @in6={0xa, 0x0, 0x0, @ipv4={[], [], @local}}]}, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x80}, &(0x7f0000000200)=0x8) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000480)={@ipv4={[], [], @dev}, @initdev={0xfe, 0x88, [], 0x1}, @dev={0xfe, 0x80, [], 0x10}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x108}) prctl$PR_MCE_KILL_GET(0x22) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x0, 0x6}, &(0x7f0000000340)) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x1) gettid() 11:06:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:27 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:27 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) [ 204.312267][ T24] audit: type=1326 audit(1564571187.597:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11492 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:27 executing program 1: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 11:06:27 executing program 4: socketpair$unix(0x1, 0x5, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 11:06:27 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:27 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:27 executing program 2: r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000240)={0x74b9119e, 0x2, 0x5, 0x8, 0x7, "66a2ec4a16f20576a442619a27ddfbc92bfd9d", 0x7fffffff, 0x3}) perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000100)=0x7, 0x4) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x48, &(0x7f0000000140)=[@in={0x2, 0x4e20, @rand_addr=0x64}, @in6={0xa, 0x4e23, 0x0, @dev, 0x1ff}, @in6={0xa, 0x0, 0x0, @ipv4={[], [], @local}}]}, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x80}, &(0x7f0000000200)=0x8) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000480)={@ipv4={[], [], @dev}, @initdev={0xfe, 0x88, [], 0x1}, @dev={0xfe, 0x80, [], 0x10}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x108}) prctl$PR_MCE_KILL_GET(0x22) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x0, 0x6}, &(0x7f0000000340)) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x1) gettid() 11:06:27 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(0xffffffffffffffff, r0) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:28 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfe47bf070") r1 = socket(0x2, 0x80002, 0x0) close(r1) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) close(r3) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x4, 0x4, 0x1}, 0x3c) splice(r1, 0x0, r3, 0x0, 0xbe, 0x0) close(r3) write$binfmt_elf64(r2, &(0x7f0000001240)=ANY=[@ANYPTR64], 0x193) 11:06:28 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:28 executing program 2: msgctl$IPC_STAT(0x0, 0x2, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)) syz_open_dev$adsp(&(0x7f00000001c0)='/dev/adsp#\x00', 0x1, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000200)='/dev/fuse\x00', 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) write$FUSE_NOTIFY_INVAL_INODE(r0, 0x0, 0x4d165f2f4ff1a34b) r1 = getpid() sched_setscheduler(r1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x182) mknodat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x200, 0x0) r3 = memfd_create(&(0x7f00000003c0)='-bdevlo\x00', 0x0) ftruncate(r3, 0x321) ioctl$PIO_FONTRESET(0xffffffffffffffff, 0x4b6d, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/qat_adf_ctl\x00', 0x800, 0x0) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) sendfile(r2, r3, 0x0, 0x2000005) dup2(r3, r2) 11:06:28 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:28 executing program 1: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f00000000c0)={0x2}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 11:06:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:28 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) [ 205.297457][ T24] audit: type=1326 audit(1564571188.587:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11563 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:28 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000140)='\\\x00', 0x4) ftruncate(r1, 0x1000000) prctl$PR_GET_NAME(0x10, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, &(0x7f00000000c0)=0xf18002, 0xeefffdee) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000340)=""/4096) 11:06:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:28 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) 11:06:28 executing program 1: 11:06:29 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, 0xffffffffffffffff) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:29 executing program 2: msgctl$IPC_STAT(0x0, 0x2, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)) syz_open_dev$adsp(&(0x7f00000001c0)='/dev/adsp#\x00', 0x1, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000200)='/dev/fuse\x00', 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) write$FUSE_NOTIFY_INVAL_INODE(r0, 0x0, 0x4d165f2f4ff1a34b) r1 = getpid() sched_setscheduler(r1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x182) mknodat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x200, 0x0) r3 = memfd_create(&(0x7f00000003c0)='-bdevlo\x00', 0x0) ftruncate(r3, 0x321) ioctl$PIO_FONTRESET(0xffffffffffffffff, 0x4b6d, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/qat_adf_ctl\x00', 0x800, 0x0) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) sendfile(r2, r3, 0x0, 0x2000005) dup2(r3, r2) 11:06:29 executing program 1: 11:06:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:29 executing program 1: 11:06:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:29 executing program 1: [ 206.176487][ T24] audit: type=1326 audit(1564571189.467:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:29 executing program 2: 11:06:29 executing program 4: 11:06:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:29 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) 11:06:29 executing program 1: 11:06:30 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, 0xffffffffffffffff) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:30 executing program 2: 11:06:30 executing program 4: 11:06:30 executing program 1: 11:06:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:30 executing program 2: 11:06:30 executing program 1: 11:06:30 executing program 4: 11:06:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) [ 207.109879][ T24] audit: type=1326 audit(1564571190.397:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11640 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:30 executing program 2: 11:06:30 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:30 executing program 1: 11:06:31 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) r1 = dup2(r0, 0xffffffffffffffff) ioctl$RTC_IRQP_READ(r1, 0x8004700b, 0x0) 11:06:31 executing program 4: 11:06:31 executing program 2: 11:06:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) 11:06:31 executing program 1: 11:06:31 executing program 2: 11:06:31 executing program 1: 11:06:31 executing program 4: 11:06:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) [ 207.976842][ T24] audit: type=1326 audit(1564571191.267:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11671 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:31 executing program 2: 11:06:31 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:31 executing program 1: 11:06:32 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) dup2(r0, r0) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8004700b, 0x0) 11:06:32 executing program 4: 11:06:32 executing program 2: 11:06:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:32 executing program 1: 11:06:32 executing program 1: 11:06:32 executing program 2: 11:06:32 executing program 4: [ 208.869858][ T24] audit: type=1326 audit(1564571192.157:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11702 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:32 executing program 2: 11:06:32 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f00000000c0)='/dev/video#\x00', 0x400000086, 0x0) ioctl$VIDIOC_S_SELECTION(r0, 0xc0d05605, &(0x7f0000000000)={0x2}) 11:06:32 executing program 2: openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4188aea7, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, 0x0, 0x0) ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, &(0x7f0000000380)={0x2, 0xfd}) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) fcntl$setflags(0xffffffffffffffff, 0x2, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000040)={0x3, 0x4, 0x0, 0x40000003}) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) 11:06:32 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) dup2(r0, r0) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8004700b, 0x0) 11:06:32 executing program 4: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000040)=0x4e6, 0x4) sendmmsg(r0, &(0x7f0000008e80)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e24}, 0x80, 0x0}}], 0x1, 0x0) 11:06:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x0, 0x0, [0x4000009f, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:32 executing program 1: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x20000, 0x0) write$apparmor_current(r0, &(0x7f0000000100)=@hat={'changehat ', 0x2, 0x5e, ['/dev/loop-control\x00', '\x03bdev[wlan0\x00', '\x00', '.vboxnet0']}, 0x45) socket$packet(0x11, 0x0, 0x300) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f00000000c0)={0x2, 0x0, 0x6}) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0x0) 11:06:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277], [0xc1]}) 11:06:33 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x20000, 0x0) write$apparmor_current(r0, &(0x7f0000000100)=@hat={'changehat ', 0x2, 0x5e, ['/dev/loop-control\x00', '\x03bdev[wlan0\x00', '\x00', '.vboxnet0']}, 0x45) socket$packet(0x11, 0x0, 0x300) ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f00000000c0)={0x2, 0x0, 0x6}) getpid() r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0x0) 11:06:33 executing program 1: r0 = socket$kcm(0x2, 0x5, 0x0) r1 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x2, 0x0, @initdev}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000080)='R', 0x1}], 0x1}, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000001d40)={&(0x7f0000000740)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001bc0)="01", 0x1}], 0x1}, 0x0) sendmsg$inet(r0, &(0x7f0000001a00)={&(0x7f00000005c0)={0x2, 0x0, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000600)='0', 0x33c00}], 0x1}, 0x0) [ 209.757888][ T24] audit: type=1326 audit(1564571193.047:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11736 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:33 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10) [ 209.846050][T11747] kvm [11743]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 11:06:33 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r2 = creat(&(0x7f0000000200)='./bus\x00', 0x0) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x8000fffffffe) r4 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) write$P9_RREMOVE(r5, &(0x7f0000000280)={0x7}, 0xff7f) syncfs(r1) ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000100)={0x0, r5}) 11:06:33 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:33 executing program 2: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETUID(r0, 0x89e0, &(0x7f0000001600)={0x3, @null}) 11:06:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277], [0xc1]}) [ 210.094751][T11765] kvm [11764]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 11:06:33 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) seccomp(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x10200000006}]}) dup2(r0, r0) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8004700b, 0x0) 11:06:33 executing program 2: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETUID(r0, 0x89e2, &(0x7f0000001600)={0x3, @null}) 11:06:33 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$FICLONE(r0, 0x40049409, 0xffffffffffffffff) 11:06:33 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x277], [0xc1]}) 11:06:33 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000780)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) write$P9_RCLUNK(r0, 0x0, 0x0) [ 210.637160][T11783] kvm [11782]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 [ 210.665164][ T24] audit: type=1326 audit(1564571193.957:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=11785 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0 11:06:34 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x5, 0x5, 0x81, 0x9, 0x41}, 0x3c) 11:06:34 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x0, 0xfffffffffffffffd], [0xc1]}) 11:06:34 executing program 4: r0 = socket$inet(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f00000005c0), 0x0, &(0x7f0000000200)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)="240000004a0007041dfffd946f6105000a0080001f02000000000800080000000400ff7e", 0x30c}], 0x1}, 0x0) 11:06:34 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x0, 0xfffffffffffffffd], [0xc1]}) 11:06:34 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:34 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r0, &(0x7f00000002c0)="b8"}, 0x10) 11:06:34 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r1, 0x81) ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, 0x0) sendto$inet6(r0, 0x0, 0xfffffffffffffe32, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0xc498ead121f97dd6) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)=@ccm_128={{0x303}, "91f5c9a1938f2b24", "596cdaad2f281b7cecca45f96ebb092d", "59a15945", "5e0d124dd7fdc23f"}, 0x28) sendto$inet6(r0, &(0x7f00000005c0), 0xffffffffffffffc1, 0x0, 0x0, 0x1201000000003618) 11:06:34 executing program 4: r0 = socket$inet(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f00000005c0), 0x0, &(0x7f0000000200)={0x0, 0x1c9c380}, 0x8) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xffffffffffffffff) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)="240000004a0007041dfffd946f6105000a0080001f02000000000800080000000400ff7e", 0x30c}], 0x1}, 0x0) 11:06:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x4000009f, 0x0, 0x0, 0xfffffffffffffffd], [0xc1]}) 11:06:34 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x0) 11:06:34 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r0, &(0x7f00000002c0)="b8"}, 0x10) 11:06:34 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:34 executing program 4: socket$inet(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f00000005c0), 0x0, &(0x7f0000000200)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xffffffffffffffff) 11:06:34 executing program 5: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4, 0x0, &(0x7f0000000300)=[@enter_looper], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x20, 0x0, &(0x7f0000000140)=[@acquire, @free_buffer, @dead_binder_done], 0x6, 0x0, &(0x7f0000000180)="0254a7476a59"}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x28, 0x0, &(0x7f0000000440)=[@acquire, @request_death, @clear_death], 0x0, 0x0, 0x0}) 11:06:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x0, [0x0, 0x0, 0x277, 0xfffffffffffffffd], [0xc1]}) 11:06:34 executing program 4: socket$inet(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f00000005c0), 0x0, &(0x7f0000000200)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xffffffffffffffff) 11:06:35 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r0, &(0x7f00000002c0)="b8"}, 0x10) 11:06:35 executing program 0: socket$inet(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f00000005c0), 0x0, &(0x7f0000000200)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xffffffffffffffff) [ 356.816134][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [swapper/0:0] [ 356.824128][ C0] Modules linked in: [ 356.828045][ C0] irq event stamp: 83866 [ 356.832415][ C0] hardirqs last enabled at (83865): [] tick_nohz_idle_exit+0x181/0x2e0 [ 356.842350][ C0] hardirqs last disabled at (83866): [] __schedule+0x1dd/0x15b0 [ 356.851550][ C0] softirqs last enabled at (83248): [] __do_softirq+0x6cd/0x98c [ 356.860877][ C0] softirqs last disabled at (83199): [] irq_exit+0x19b/0x1e0 [ 356.870609][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.3.0-rc2-next-20190731 #56 [ 356.878937][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 356.889121][ C0] RIP: 0010:check_memory_region+0x104/0x1a0 [ 356.895021][ C0] Code: 00 eb 0c 49 83 c0 01 4c 89 c8 4d 39 c8 74 10 41 80 38 00 74 ee 4b 8d 44 25 00 4d 85 c0 75 31 49 89 d9 49 29 c1 e9 68 ff ff ff <5b> b8 01 00 00 00 41 5c 41 5d 5d c3 4d 85 c9 74 ef 4d 01 e1 eb 09 [ 356.914626][ C0] RSP: 0018:ffff8880ae809b10 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 356.923038][ C0] RAX: ffffed100ca9e41a RBX: ffffed100ca9e41a RCX: ffffffff8158f467 [ 356.931027][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880654f20c8 [ 356.938998][ C0] RBP: ffff8880ae809b28 R08: 1ffff1100ca9e419 R09: ffffed100ca9e41a [ 356.946979][ C0] R10: ffffed100ca9e419 R11: ffff8880654f20cb R12: ffffed100ca9e419 [ 356.954949][ C0] R13: 0000000000000003 R14: ffffed100ca9e419 R15: 0000000000000001 [ 356.962921][ C0] FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 356.971845][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 356.978440][ C0] CR2: 0000000020200000 CR3: 00000000885b4000 CR4: 00000000001406f0 [ 356.986418][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 356.994386][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 357.002354][ C0] Call Trace: [ 357.005673][ C0] [ 357.008537][ C0] __kasan_check_read+0x11/0x20 [ 357.013406][ C0] native_queued_spin_lock_slowpath+0xb7/0x9f0 [ 357.019558][ C0] ? __queue_work+0x568/0x1270 [ 357.024324][ C0] ? __pv_queued_spin_lock_slowpath+0xd10/0xd10 [ 357.030575][ C0] ? __kasan_check_read+0x11/0x20 [ 357.035601][ C0] ? mark_held_locks+0xf0/0xf0 [ 357.040413][ C0] ? debug_object_deactivate+0x1d9/0x320 [ 357.046045][ C0] do_raw_spin_lock+0x20e/0x2e0 [ 357.050891][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 357.055821][ C0] ? lock_acquire+0x190/0x410 [ 357.060520][ C0] ? tcp_write_timer+0x2b/0x1e0 [ 357.065406][ C0] _raw_spin_lock+0x37/0x40 [ 357.069912][ C0] ? tcp_write_timer+0x2b/0x1e0 [ 357.074763][ C0] tcp_write_timer+0x2b/0x1e0 [ 357.079442][ C0] call_timer_fn+0x1ac/0x780 [ 357.084031][ C0] ? tcp_write_timer_handler+0x8d0/0x8d0 [ 357.089665][ C0] ? msleep_interruptible+0x150/0x150 [ 357.095053][ C0] ? trace_hardirqs_on+0x67/0x240 [ 357.100072][ C0] ? __kasan_check_read+0x11/0x20 [ 357.105091][ C0] ? tcp_write_timer_handler+0x8d0/0x8d0 [ 357.110728][ C0] ? tcp_write_timer_handler+0x8d0/0x8d0 [ 357.116391][ C0] run_timer_softirq+0x697/0x17a0 [ 357.121777][ C0] ? add_timer+0x930/0x930 [ 357.126207][ C0] ? kvm_clock_read+0x18/0x30 [ 357.130891][ C0] ? kvm_sched_clock_read+0x9/0x20 [ 357.136039][ C0] ? sched_clock+0x2e/0x50 [ 357.140452][ C0] ? sched_clock_cpu+0x1b/0x1b0 [ 357.145303][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.151540][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.157784][ C0] __do_softirq+0x262/0x98c [ 357.162281][ C0] ? sched_clock_cpu+0x1b/0x1b0 [ 357.167216][ C0] irq_exit+0x19b/0x1e0 [ 357.171370][ C0] smp_apic_timer_interrupt+0x1a3/0x610 [ 357.176918][ C0] apic_timer_interrupt+0xf/0x20 [ 357.181842][ C0] [ 357.184776][ C0] RIP: 0010:native_safe_halt+0xe/0x10 [ 357.190144][ C0] Code: 98 a5 6d fa eb 8a 90 90 90 90 90 90 e9 07 00 00 00 0f 00 2d 24 c7 48 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 14 c7 48 00 fb f4 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 e8 7e 6d 20 fa e8 c9 [ 357.209760][ C0] RSP: 0018:ffffffff88c07c50 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 357.218174][ C0] RAX: 1ffffffff11a5e97 RBX: 0000000000000000 RCX: 1ffffffff134c016 [ 357.226155][ C0] RDX: dffffc0000000000 RSI: ffffffff8177a12e RDI: ffffffff873f65ac [ 357.234156][ C0] RBP: ffffffff88c07c80 R08: ffffffff88c7a1c0 R09: fffffbfff118f439 [ 357.242137][ C0] R10: fffffbfff118f438 R11: ffffffff88c7a1c7 R12: 0000000000000001 [ 357.250106][ C0] R13: ffffffff89609760 R14: 0000000000000000 R15: 0000000000000001 [ 357.258093][ C0] ? trace_hardirqs_on+0x5e/0x240 [ 357.263123][ C0] ? default_idle+0x1c/0x360 [ 357.267799][ C0] ? default_idle+0x4e/0x360 [ 357.272440][ C0] default_enter_idle+0x71/0xf0 [ 357.277295][ C0] cpuidle_enter_state+0xee/0xf70 [ 357.282323][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.288567][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.294812][ C0] cpuidle_enter+0x4f/0xa0 [ 357.299232][ C0] do_idle+0x4bb/0x770 [ 357.303396][ C0] ? arch_cpu_idle_exit+0x80/0x80 [ 357.308892][ C0] cpu_startup_entry+0x1b/0x20 [ 357.313678][ C0] rest_init+0x245/0x37b [ 357.317978][ C0] arch_call_rest_init+0xe/0x1b [ 357.322833][ C0] start_kernel+0x912/0x951 [ 357.327336][ C0] ? mem_encrypt_init+0xb/0xb [ 357.332030][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.338455][ C0] ? x86_family+0x41/0x50 [ 357.342786][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 357.349057][ C0] x86_64_start_reservations+0x29/0x2b [ 357.354607][ C0] x86_64_start_kernel+0x77/0x7b [ 357.359576][ C0] secondary_startup_64+0xa4/0xb0 [ 357.364618][ C0] Sending NMI from CPU 0 to CPUs 1: [ 357.371140][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.265 msecs [ 357.371817][ C0] NMI backtrace for cpu 1 [ 357.371824][ C0] CPU: 1 PID: 11822 Comm: syz-executor.2 Not tainted 5.3.0-rc2-next-20190731 #56 [ 357.371831][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.371835][ C0] RIP: 0010:check_memory_region+0x115/0x1a0 [ 357.371846][ C0] Code: 38 00 74 ee 4b 8d 44 25 00 4d 85 c0 75 31 49 89 d9 49 29 c1 e9 68 ff ff ff 5b b8 01 00 00 00 41 5c 41 5d 5d c3 4d 85 c9 74 ef <4d> 01 e1 eb 09 48 83 c0 01 4c 39 c8 74 e1 80 38 00 74 f2 eb 8c 4d [ 357.371851][ C0] RSP: 0018:ffff8880ae9091d8 EFLAGS: 00000202 [ 357.371859][ C0] RAX: ffffed100ca9e419 RBX: ffffed100ca9e41a RCX: ffffffff8158f467 [ 357.371864][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880654f20c8 [ 357.371869][ C0] RBP: ffff8880ae9091f0 R08: 1ffff1100ca9e419 R09: 0000000000000001 [ 357.371875][ C0] R10: ffffed100ca9e419 R11: ffff8880654f20cb R12: ffffed100ca9e419 [ 357.371880][ C0] R13: 0000000000000003 R14: ffffed100ca9e419 R15: 0000000000000001 [ 357.371886][ C0] FS: 0000555556aa1940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 357.371890][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 357.371895][ C0] CR2: 0000001b2ff27000 CR3: 000000008be29000 CR4: 00000000001406e0 [ 357.371900][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 357.371906][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 357.371908][ C0] Call Trace: [ 357.371911][ C0] [ 357.371914][ C0] __kasan_check_read+0x11/0x20 [ 357.371919][ C0] native_queued_spin_lock_slowpath+0xb7/0x9f0 [ 357.371923][ C0] ? __pv_queued_spin_lock_slowpath+0xd10/0xd10 [ 357.371927][ C0] ? mark_held_locks+0xf0/0xf0 [ 357.371930][ C0] do_raw_spin_lock+0x20e/0x2e0 [ 357.371934][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 357.371938][ C0] ? lock_acquire+0x190/0x410 [ 357.371941][ C0] ? release_sock+0x20/0x1c0 [ 357.371945][ C0] ? __kasan_check_read+0x11/0x20 [ 357.371948][ C0] _raw_spin_lock_bh+0x3b/0x50 [ 357.371952][ C0] ? release_sock+0x20/0x1c0 [ 357.371955][ C0] release_sock+0x20/0x1c0 [ 357.371959][ C0] wait_on_pending_writer+0x20f/0x420 [ 357.371962][ C0] ? tls_init+0x560/0x560 [ 357.371966][ C0] ? __kasan_check_read+0x11/0x20 [ 357.371970][ C0] ? prepare_to_wait_exclusive+0x320/0x320 [ 357.371973][ C0] ? lock_downgrade+0x920/0x920 [ 357.371977][ C0] tls_sk_proto_cleanup+0x2c5/0x3e0 [ 357.371981][ C0] ? wait_on_pending_writer+0x420/0x420 [ 357.371984][ C0] ? trace_hardirqs_on+0x67/0x240 [ 357.371988][ C0] ? drain_stock.isra.0+0x1cb/0x240 [ 357.371992][ C0] tls_sk_proto_unhash+0x90/0x3f0 [ 357.371995][ C0] tcp_set_state+0x5b9/0x7d0 [ 357.371999][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 357.372004][ C0] ? __sk_mem_reduce_allocated+0x1b0/0x560 [ 357.372007][ C0] ? tcp_alloc_md5sig_pool+0x4a0/0x4a0 [ 357.372011][ C0] ? __sk_mem_reclaim+0x55/0x70 [ 357.372015][ C0] ? tcp_write_queue_purge+0x5d8/0x1310 [ 357.372019][ C0] ? lock_downgrade+0x920/0x920 [ 357.372022][ C0] tcp_done+0xe2/0x320 [ 357.372025][ C0] tcp_reset+0x132/0x500 [ 357.372029][ C0] tcp_validate_incoming+0xa2d/0x1660 [ 357.372033][ C0] tcp_rcv_established+0x6b5/0x1e70 [ 357.372037][ C0] ? tcp_data_queue+0x4860/0x4860 [ 357.372040][ C0] tcp_v6_do_rcv+0x41e/0x12c0 [ 357.372044][ C0] tcp_v6_rcv+0x31f1/0x3500 [ 357.372048][ C0] ? tcp_v6_syn_recv_sock+0x2290/0x2290 [ 357.372051][ C0] ? nf_confirm+0x360/0x4d0 [ 357.372055][ C0] ? mark_held_locks+0xf0/0xf0 [ 357.372059][ C0] ip6_protocol_deliver_rcu+0x2fe/0x1660 [ 357.372062][ C0] ip6_input_finish+0x84/0x170 [ 357.372066][ C0] ip6_input+0xe4/0x3f0 [ 357.372069][ C0] ? ip6_input_finish+0x170/0x170 [ 357.372073][ C0] ? __kasan_check_read+0x11/0x20 [ 357.372077][ C0] ? ip6_protocol_deliver_rcu+0x1660/0x1660 [ 357.372080][ C0] ? lock_downgrade+0x920/0x920 [ 357.372085][ C0] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 357.372088][ C0] ip6_rcv_finish+0x1de/0x2f0 [ 357.372091][ C0] ipv6_rcv+0x10e/0x420 [ 357.372095][ C0] ? ip6_rcv_core.isra.0+0x1bb0/0x1bb0 [ 357.372099][ C0] ? lock_downgrade+0x920/0x920 [ 357.372102][ C0] ? lock_downgrade+0x920/0x920 [ 357.372106][ C0] ? ip6_rcv_finish_core.isra.0+0x560/0x560 [ 357.372110][ C0] ? trace_hardirqs_off+0x62/0x240 [ 357.372114][ C0] ? ip6_rcv_core.isra.0+0x1bb0/0x1bb0 [ 357.372119][ C0] __netif_receive_skb_one_core+0x113/0x1a0 [ 357.372123][ C0] ? __netif_receive_skb_core+0x3060/0x3060 [ 357.372127][ C0] ? lock_acquire+0x190/0x410 [ 357.372130][ C0] ? process_backlog+0x195/0x750 [ 357.372134][ C0] __netif_receive_skb+0x2c/0x1d0 [ 357.372138][ C0] process_backlog+0x206/0x750 [ 357.372141][ C0] ? lock_acquire+0x190/0x410 [ 357.372145][ C0] ? clockevents_program_event+0x15a/0x370 [ 357.372149][ C0] net_rx_action+0x508/0x10c0 [ 357.372152][ C0] ? napi_complete_done+0x4b0/0x4b0 [ 357.372156][ C0] ? sched_clock+0x2e/0x50 [ 357.372159][ C0] ? kvm_clock_read+0x18/0x30 [ 357.372163][ C0] ? inet_csk_listen_stop+0x1bc/0x850 [ 357.372167][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.372171][ C0] __do_softirq+0x262/0x98c [ 357.372174][ C0] ? inet_csk_listen_stop+0x1bc/0x850 [ 357.372178][ C0] do_softirq_own_stack+0x2a/0x40 [ 357.372181][ C0] [ 357.372184][ C0] do_softirq.part.0+0x11a/0x170 [ 357.372188][ C0] __local_bh_enable_ip+0x211/0x270 [ 357.372192][ C0] inet_csk_listen_stop+0x1e0/0x850 [ 357.372195][ C0] tcp_close+0xd5b/0x10e0 [ 357.372199][ C0] ? ip_mc_drop_socket+0x211/0x270 [ 357.372202][ C0] ? down_write+0xdf/0x150 [ 357.372206][ C0] inet_release+0xed/0x200 [ 357.372209][ C0] inet6_release+0x53/0x80 [ 357.372212][ C0] __sock_release+0xce/0x280 [ 357.372216][ C0] sock_close+0x1e/0x30 [ 357.372219][ C0] __fput+0x2ff/0x890 [ 357.372222][ C0] ? __sock_release+0x280/0x280 [ 357.372226][ C0] ____fput+0x16/0x20 [ 357.372229][ C0] task_work_run+0x145/0x1c0 [ 357.372233][ C0] exit_to_usermode_loop+0x316/0x380 [ 357.372236][ C0] do_syscall_64+0x65f/0x760 [ 357.372241][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.372244][ C0] RIP: 0033:0x413511 [ 357.372255][ C0] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 357.372259][ C0] RSP: 002b:00007fff434210e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 357.372268][ C0] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000413511 [ 357.372273][ C0] RDX: 0000000000000000 RSI: 00000000000016cb RDI: 0000000000000005 [ 357.372279][ C0] RBP: 0000000000000001 R08: 00000000996116c9 R09: 00000000996116cd [ 357.372284][ C0] R10: 00007fff434211c0 R11: 0000000000000293 R12: 000000000075c9a0 [ 357.372289][ C0] R13: 000000000075c9a0 R14: 0000000000761038 R15: ffffffffffffffff [ 357.372298][ C0] Kernel panic - not syncing: softlockup: hung tasks [ 358.049714][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G L 5.3.0-rc2-next-20190731 #56 [ 358.059529][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.069601][ C0] Call Trace: [ 358.072892][ C0] [ 358.075771][ C0] dump_stack+0x172/0x1f0 [ 358.080106][ C0] panic+0x2dc/0x755 [ 358.084005][ C0] ? add_taint.cold+0x16/0x16 [ 358.088687][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 358.094410][ C0] ? printk_safe_flush+0xf2/0x140 [ 358.099433][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.105680][ C0] ? watchdog_timer_fn.cold+0x5/0x2b [ 358.110972][ C0] ? watchdog_timer_fn+0x56e/0x5c0 [ 358.116087][ C0] watchdog_timer_fn.cold+0x16/0x2b [ 358.121292][ C0] __hrtimer_run_queues+0x364/0xe40 [ 358.126501][ C0] ? lockup_detector_update_enable+0xa0/0xa0 [ 358.132703][ C0] ? hrtimer_start_range_ns+0xcb0/0xcb0 [ 358.138256][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 358.144097][ C0] ? ktime_get_update_offsets_now+0x2d3/0x440 [ 358.150173][ C0] hrtimer_interrupt+0x314/0x770 [ 358.155125][ C0] smp_apic_timer_interrupt+0x160/0x610 [ 358.160771][ C0] apic_timer_interrupt+0xf/0x20 [ 358.165713][ C0] RIP: 0010:check_memory_region+0x104/0x1a0 [ 358.171605][ C0] Code: 00 eb 0c 49 83 c0 01 4c 89 c8 4d 39 c8 74 10 41 80 38 00 74 ee 4b 8d 44 25 00 4d 85 c0 75 31 49 89 d9 49 29 c1 e9 68 ff ff ff <5b> b8 01 00 00 00 41 5c 41 5d 5d c3 4d 85 c9 74 ef 4d 01 e1 eb 09 [ 358.191209][ C0] RSP: 0018:ffff8880ae809b10 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 358.199623][ C0] RAX: ffffed100ca9e41a RBX: ffffed100ca9e41a RCX: ffffffff8158f467 [ 358.207602][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880654f20c8 [ 358.215688][ C0] RBP: ffff8880ae809b28 R08: 1ffff1100ca9e419 R09: ffffed100ca9e41a [ 358.224205][ C0] R10: ffffed100ca9e419 R11: ffff8880654f20cb R12: ffffed100ca9e419 [ 358.232479][ C0] R13: 0000000000000003 R14: ffffed100ca9e419 R15: 0000000000000001 [ 358.240558][ C0] ? apic_timer_interrupt+0xa/0x20 [ 358.246098][ C0] ? native_queued_spin_lock_slowpath+0xb7/0x9f0 [ 358.253145][ C0] __kasan_check_read+0x11/0x20 [ 358.259164][ C0] native_queued_spin_lock_slowpath+0xb7/0x9f0 [ 358.265601][ C0] ? __queue_work+0x568/0x1270 [ 358.270437][ C0] ? __pv_queued_spin_lock_slowpath+0xd10/0xd10 [ 358.279301][ C0] ? __kasan_check_read+0x11/0x20 [ 358.284448][ C0] ? mark_held_locks+0xf0/0xf0 [ 358.289408][ C0] ? debug_object_deactivate+0x1d9/0x320 [ 358.295136][ C0] do_raw_spin_lock+0x20e/0x2e0 [ 358.299995][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 358.304963][ C0] ? lock_acquire+0x190/0x410 [ 358.312833][ C0] ? tcp_write_timer+0x2b/0x1e0 [ 358.318225][ C0] _raw_spin_lock+0x37/0x40 [ 358.323004][ C0] ? tcp_write_timer+0x2b/0x1e0 [ 358.327858][ C0] tcp_write_timer+0x2b/0x1e0 [ 358.332634][ C0] call_timer_fn+0x1ac/0x780 [ 358.338635][ C0] ? tcp_write_timer_handler+0x8d0/0x8d0 [ 358.345137][ C0] ? msleep_interruptible+0x150/0x150 [ 358.351052][ C0] ? trace_hardirqs_on+0x67/0x240 [ 358.356869][ C0] ? __kasan_check_read+0x11/0x20 [ 358.361989][ C0] ? tcp_write_timer_handler+0x8d0/0x8d0 [ 358.367998][ C0] ? tcp_write_timer_handler+0x8d0/0x8d0 [ 358.373638][ C0] run_timer_softirq+0x697/0x17a0 [ 358.378672][ C0] ? add_timer+0x930/0x930 [ 358.383111][ C0] ? kvm_clock_read+0x18/0x30 [ 358.387796][ C0] ? kvm_sched_clock_read+0x9/0x20 [ 358.393006][ C0] ? sched_clock+0x2e/0x50 [ 358.397436][ C0] ? sched_clock_cpu+0x1b/0x1b0 [ 358.402289][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.408626][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.414880][ C0] __do_softirq+0x262/0x98c [ 358.419868][ C0] ? sched_clock_cpu+0x1b/0x1b0 [ 358.424746][ C0] irq_exit+0x19b/0x1e0 [ 358.429109][ C0] smp_apic_timer_interrupt+0x1a3/0x610 [ 358.434771][ C0] apic_timer_interrupt+0xf/0x20 [ 358.439711][ C0] [ 358.442667][ C0] RIP: 0010:native_safe_halt+0xe/0x10 [ 358.448139][ C0] Code: 98 a5 6d fa eb 8a 90 90 90 90 90 90 e9 07 00 00 00 0f 00 2d 24 c7 48 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 14 c7 48 00 fb f4 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 e8 7e 6d 20 fa e8 c9 [ 358.467749][ C0] RSP: 0018:ffffffff88c07c50 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 358.476200][ C0] RAX: 1ffffffff11a5e97 RBX: 0000000000000000 RCX: 1ffffffff134c016 [ 358.484174][ C0] RDX: dffffc0000000000 RSI: ffffffff8177a12e RDI: ffffffff873f65ac [ 358.492166][ C0] RBP: ffffffff88c07c80 R08: ffffffff88c7a1c0 R09: fffffbfff118f439 [ 358.500142][ C0] R10: fffffbfff118f438 R11: ffffffff88c7a1c7 R12: 0000000000000001 [ 358.508114][ C0] R13: ffffffff89609760 R14: 0000000000000000 R15: 0000000000000001 [ 358.516111][ C0] ? trace_hardirqs_on+0x5e/0x240 [ 358.521137][ C0] ? default_idle+0x1c/0x360 [ 358.525730][ C0] ? default_idle+0x4e/0x360 [ 358.530425][ C0] default_enter_idle+0x71/0xf0 [ 358.535714][ C0] cpuidle_enter_state+0xee/0xf70 [ 358.543907][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.550155][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.556498][ C0] cpuidle_enter+0x4f/0xa0 [ 358.560929][ C0] do_idle+0x4bb/0x770 [ 358.565541][ C0] ? arch_cpu_idle_exit+0x80/0x80 [ 358.570577][ C0] cpu_startup_entry+0x1b/0x20 [ 358.575344][ C0] rest_init+0x245/0x37b [ 358.580218][ C0] arch_call_rest_init+0xe/0x1b [ 358.585159][ C0] start_kernel+0x912/0x951 [ 358.589666][ C0] ? mem_encrypt_init+0xb/0xb [ 358.594348][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.600591][ C0] ? x86_family+0x41/0x50 [ 358.604923][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 358.611172][ C0] x86_64_start_reservations+0x29/0x2b [ 358.616633][ C0] x86_64_start_kernel+0x77/0x7b [ 358.621577][ C0] secondary_startup_64+0xa4/0xb0 [ 358.627868][ C0] Kernel Offset: disabled [ 358.632215][ C0] Rebooting in 86400 seconds..