bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{0x0, 0x0, 0xffffffffffffffff}}}, 0x18) 16:48:16 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_GET_PIT(r3, 0xc048ae65, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r4 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r6, r5, 0x0) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) r8 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x0, 0x0) ioctl$ASHMEM_GET_SIZE(r8, 0x40186f40, 0x76006e) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_LOCK(r8, 0x4008642a, &(0x7f00000000c0)={r9, 0xc}) ioctl$DRM_IOCTL_RM_CTX(r7, 0xc0086421, &(0x7f00000000c0)={r9, 0x1}) ioctl$DRM_IOCTL_RM_CTX(r6, 0xc0086421, &(0x7f0000000080)={r9, 0x1}) sendmsg$ETHTOOL_MSG_STRSET_GET(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, 0x0, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0}, 0x2200, 0x0, 0x9}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r5 = dup3(r4, r3, 0x0) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) r7 = fcntl$dupfd(r6, 0x0, r5) ioctl$EVIOCGNAME(r7, 0x80404506, &(0x7f0000000280)=""/153) ioctl$VIDIOC_G_EXT_CTRLS(r4, 0xc0205647, &(0x7f0000000140)={0x9e0000, 0x0, 0x4, r1, 0x0, &(0x7f0000000100)={0xa20929, 0xfffff156, [], @p_u32=&(0x7f0000000000)=0x5bcd}}) ioctl$PPPIOCCONNECT(r8, 0x4004743a, &(0x7f0000000180)=0x4) r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r9, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff0000631658852a1581cd10c727000600007f000600efe3b3dc69cfce0819ee00000100000000"]) r10 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r10, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r10, 0x0) ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000040)=ANY=[]) 16:48:16 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18}, 0x18) [ 607.463239][T14113] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 607.477041][T14113] attempt to access beyond end of device [ 607.483870][T14113] loop5: rw=2049, want=6434, limit=52 [ 607.499138][T14126] attempt to access beyond end of device [ 607.505034][T14126] loop5: rw=0, want=6434, limit=52 16:48:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xd000000}]}) 16:48:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x400300}, 0x2}}}, 0xf8}}, 0x0) [ 607.535270][ T7238] minix_free_inode: bit 1 already cleared 16:48:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xa000000}]}) 16:48:16 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x28, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000efaa"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xc1}]}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DEL(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0xa, 0x6, 0x101, 0x0, 0x0, {0x2}, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) 16:48:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xe000000}]}) [ 607.704534][T14151] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x1000000}, 0x2}}}, 0xf8}}, 0x0) [ 607.763472][T14151] attempt to access beyond end of device 16:48:16 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000040)={&(0x7f0000000000)=[0xf5, 0x8, 0x3, 0x7ff], 0x4, 0x9, 0x445fcb9, 0x9, 0x0, 0xffffffff, 0xfaf, {0x1, 0x800, 0x1, 0x6, 0x9, 0x7, 0x9, 0x6, 0x8, 0x4, 0x200, 0x8, 0x1, 0x4, "38cbab6fa0f1ba551923d398bf4ec9014ab0b4fa93429b51adfa3faf08322797"}}) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) [ 607.839833][T14151] loop5: rw=2049, want=6434, limit=52 16:48:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xb000000}]}) 16:48:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000001c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef041505c005061871abe7cc62b95079843cb6f183a6b27e753982983004da8cd5abacfd62e0346b4ea81fd08288cef8cd01faaa7e7233f561f968827a1b1006b46ee78f47a1963e3ac3f65c2c019166af0800000000000000d20faadcc2012de9060dff89e6436e19c3d3d87b802fef10ab0e93829fdf84680a1ed94ce980917404e4b7916f1b2439dc1a7afdef417570c4f968971302982dbb1200e5fc94e486b63936f4e0000000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000c10000000000000000004000000000000000"]) 16:48:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x2000000}, 0x2}}}, 0xf8}}, 0x0) [ 607.896726][T14188] attempt to access beyond end of device [ 607.939862][T14188] loop5: rw=0, want=6434, limit=52 16:48:16 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x2}}, 0x18) 16:48:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x10000000}]}) 16:48:16 executing program 0: r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x0, 0x654a80) ioctl$TIOCNXCL(r0, 0x540d) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000efaa"]) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="ff03000000000000ed000000000000000000"]) 16:48:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x3000000}, 0x2}}}, 0xf8}}, 0x0) [ 608.078893][ T7238] minix_free_inode: bit 1 already cleared 16:48:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x4000000}, 0x2}}}, 0xf8}}, 0x0) 16:48:16 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') ioctl$VIDIOC_QUERY_DV_TIMINGS(0xffffffffffffffff, 0x80845663, &(0x7f0000000480)) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') sendmsg$L2TP_CMD_TUNNEL_CREATE(r9, &(0x7f0000000240)={0x0, 0xffffffff, &(0x7f0000000200)={&(0x7f0000001180)={0x5c, r10, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @mcast2={0xfc}}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}]}, 0x5c}}, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r8, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x1c, r10, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8060}, 0xc0c1) r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100)='batadv\x00') sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010001000000000000000f0000000500300001000000060028000000000008003900d709000005002f000000000005002f000000000008000b000000000008003c000002000005002f00f0ffff0005002e000100000008000300", @ANYRES32=r6], 0x64}}, 0x0) sendmsg$BATADV_CMD_SET_VLAN(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r11, 0x4, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x8000) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xc000000}]}) [ 608.277054][T14248] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x11000000}]}) 16:48:17 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x9000000}, 0x2}}}, 0xf8}}, 0x0) [ 608.351971][T14260] attempt to access beyond end of device 16:48:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x489}]}) [ 608.461922][T14260] loop5: rw=2049, want=6434, limit=52 [ 608.495614][T14260] attempt to access beyond end of device 16:48:17 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xa000000}, 0x2}}}, 0xf8}}, 0x0) [ 608.537938][T14260] loop5: rw=0, want=6434, limit=52 16:48:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x12000000}]}) 16:48:17 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x3}}, 0x18) 16:48:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xd000000}]}) 16:48:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:17 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xf000000}, 0x2}}}, 0xf8}}, 0x0) [ 608.679540][ T7238] minix_free_inode: bit 1 already cleared 16:48:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x25000000}]}) 16:48:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xe000000}]}) 16:48:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 608.872608][T14315] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 608.922338][T14315] attempt to access beyond end of device [ 608.928018][T14315] loop5: rw=2049, want=6434, limit=52 16:48:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x5c000000}]}) [ 609.049550][T14342] attempt to access beyond end of device [ 609.086280][T14342] loop5: rw=0, want=6434, limit=52 16:48:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 609.115073][ T27] kauditd_printk_skb: 9 callbacks suppressed [ 609.115080][ T27] audit: type=1800 audit(1591289297.729:1238): pid=14342 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x10000000}]}) 16:48:17 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x4}}, 0x18) [ 609.213181][ T7238] minix_free_inode: bit 1 already cleared 16:48:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xffff8000}]}) 16:48:17 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x3b040000}, 0x2}}}, 0xf8}}, 0x0) 16:48:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 609.379947][ T27] audit: type=1800 audit(1591289297.989:1239): pid=14379 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16341 res=0 16:48:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x11000000}]}) 16:48:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x60000000}, 0x2}}}, 0xf8}}, 0x0) [ 609.421716][T14388] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 609.482592][T14379] attempt to access beyond end of device [ 609.488626][T14379] loop5: rw=2049, want=6434, limit=52 16:48:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x80ffff00000000}]}) 16:48:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 609.564965][T14379] buffer_io_error: 8 callbacks suppressed [ 609.564975][T14379] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 609.631612][T14388] attempt to access beyond end of device [ 609.638551][T14388] loop5: rw=0, want=6434, limit=52 16:48:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x9effffff}, 0x2}}}, 0xf8}}, 0x0) [ 609.681405][T14388] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x12000000}]}) 16:48:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x100000000000000}]}) [ 609.735043][ T27] audit: type=1800 audit(1591289298.349:1240): pid=14388 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:18 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x5}}, 0x18) 16:48:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xefffffff}, 0x2}}}, 0xf8}}, 0x0) [ 609.830872][ T7238] minix_free_inode: bit 1 already cleared 16:48:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x25000000}]}) [ 609.976179][ T27] audit: type=1800 audit(1591289298.589:1241): pid=14460 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16248 res=0 16:48:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x200000000000000}]}) [ 610.034139][T14460] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xf0ffffff}, 0x2}}}, 0xf8}}, 0x0) [ 610.111704][T14460] attempt to access beyond end of device [ 610.176020][T14460] loop5: rw=2049, want=6434, limit=52 [ 610.206242][T14460] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x3f000000}]}) [ 610.265155][T14471] attempt to access beyond end of device [ 610.273386][T14471] loop5: rw=0, want=6434, limit=52 16:48:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x300000000000000}]}) [ 610.326893][T14471] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:19 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xfc020000}, 0x2}}}, 0xf8}}, 0x0) [ 610.382675][ T27] audit: type=1800 audit(1591289298.999:1242): pid=14471 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:19 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x6}}, 0x18) [ 610.430471][ T7238] minix_free_inode: bit 1 already cleared 16:48:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:19 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x5c000000}]}) 16:48:19 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xffff0000}, 0x2}}}, 0xf8}}, 0x0) 16:48:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x400000000000000}]}) [ 610.624300][ T27] audit: type=1800 audit(1591289299.239:1243): pid=14529 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16235 res=0 [ 610.633545][T14529] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:19 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x7}}, 0x18) 16:48:19 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xffff8000}]}) 16:48:19 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:19 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xffffff7f}, 0x2}}}, 0xf8}}, 0x0) [ 610.863715][ T7238] minix_free_inode: bit 1 already cleared 16:48:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x500000000000000}]}) 16:48:19 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xffffff9e}, 0x2}}}, 0xf8}}, 0x0) [ 611.010438][ T27] audit: type=1800 audit(1591289299.629:1244): pid=14575 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16380 res=0 16:48:19 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 611.068917][T14575] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:19 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:19 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x80ffff00000000}]}) [ 611.141016][T14590] attempt to access beyond end of device 16:48:19 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xffffffef}, 0x2}}}, 0xf8}}, 0x0) [ 611.199826][T14590] loop5: rw=2049, want=6434, limit=52 16:48:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x600000000000000}]}) [ 611.259482][T14590] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:19 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 611.326038][T14590] attempt to access beyond end of device [ 611.350514][T14590] loop5: rw=0, want=6434, limit=52 [ 611.374845][T14590] Buffer I/O error on dev loop5, logical block 3216, async page read [ 611.411445][ T27] audit: type=1800 audit(1591289300.029:1245): pid=14590 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:20 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x8}}, 0x18) 16:48:20 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0xfffffff0}, 0x2}}}, 0xf8}}, 0x0) 16:48:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x100000000000000}]}) 16:48:20 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x700000000000000}]}) [ 611.500513][ T7238] minix_free_inode: bit 1 already cleared 16:48:20 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:20 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}}, 0x0) 16:48:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x200000000000000}]}) [ 611.697831][ T27] audit: type=1800 audit(1591289300.309:1246): pid=14648 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16186 res=0 [ 611.745595][T14655] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x800000000000000}]}) 16:48:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:20 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x2}, 0x2}}}, 0xf8}}, 0x0) 16:48:20 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x9}}, 0x18) [ 611.993722][ T7238] minix_free_inode: bit 1 already cleared 16:48:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x300000000000000}]}) 16:48:20 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x3}, 0x2}}}, 0xf8}}, 0x0) 16:48:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x900000000000000}]}) 16:48:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 612.138939][ T27] audit: type=1800 audit(1591289300.749:1247): pid=14701 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16235 res=0 [ 612.177931][T14701] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 612.213070][T14701] attempt to access beyond end of device [ 612.218746][T14701] loop5: rw=2049, want=6434, limit=52 16:48:20 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 612.303777][T14701] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x4}, 0x2}}}, 0xf8}}, 0x0) 16:48:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x400000000000000}]}) [ 612.410560][T14732] attempt to access beyond end of device [ 612.441041][T14732] loop5: rw=0, want=6434, limit=52 16:48:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xa00000000000000}]}) 16:48:21 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 612.471793][T14732] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x9}, 0x2}}}, 0xf8}}, 0x0) 16:48:21 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xa}}, 0x18) 16:48:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x500000000000000}]}) [ 612.595476][ T7238] minix_free_inode: bit 1 already cleared 16:48:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xa}, 0x2}}}, 0xf8}}, 0x0) 16:48:21 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xb00000000000000}]}) [ 612.724158][T14765] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 612.737121][T14765] attempt to access beyond end of device [ 612.743968][T14765] loop5: rw=2049, want=6434, limit=52 [ 612.749467][T14765] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:21 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xb}}, 0x18) [ 612.773271][T14773] attempt to access beyond end of device [ 612.779053][T14773] loop5: rw=0, want=6434, limit=52 [ 612.786558][T14773] Buffer I/O error on dev loop5, logical block 3216, async page read [ 612.842018][ T7238] minix_free_inode: bit 1 already cleared 16:48:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xf}, 0x2}}}, 0xf8}}, 0x0) 16:48:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x600000000000000}]}) [ 612.952659][T14790] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 612.980839][T14790] attempt to access beyond end of device [ 612.993409][T14790] loop5: rw=2049, want=6434, limit=52 16:48:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 613.062782][T14796] attempt to access beyond end of device 16:48:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xc00000000000000}]}) [ 613.112022][T14796] loop5: rw=0, want=6434, limit=52 16:48:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:21 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xc}}, 0x18) 16:48:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x60}, 0x2}}}, 0xf8}}, 0x0) [ 613.191304][ T7238] minix_free_inode: bit 1 already cleared 16:48:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x700000000000000}]}) 16:48:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xd00000000000000}]}) 16:48:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x2fc}, 0x2}}}, 0xf8}}, 0x0) [ 613.420354][T14835] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xe00000000000000}]}) 16:48:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x300}, 0x2}}}, 0xf8}}, 0x0) 16:48:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x800000000000000}]}) 16:48:22 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xd}}, 0x18) [ 613.624781][ T7238] minix_free_inode: bit 1 already cleared 16:48:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x43b}, 0x2}}}, 0xf8}}, 0x0) 16:48:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x900000000000000}]}) 16:48:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x1000000000000000}]}) [ 613.778390][T14893] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 613.821059][T14893] attempt to access beyond end of device [ 613.826723][T14893] loop5: rw=2049, want=6434, limit=52 [ 613.862995][T14902] attempt to access beyond end of device [ 613.868646][T14902] loop5: rw=0, want=6434, limit=52 16:48:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x1100000000000000}]}) 16:48:22 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xe}}, 0x18) 16:48:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x900}, 0x2}}}, 0xf8}}, 0x0) 16:48:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xa00000000000000}]}) 16:48:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 614.025983][ T7238] minix_free_inode: bit 1 already cleared 16:48:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xa00}, 0x2}}}, 0xf8}}, 0x0) 16:48:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x1200000000000000}]}) 16:48:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 614.193640][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 614.193647][ T27] audit: type=1800 audit(1591289302.809:1256): pid=14950 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16186 res=0 [ 614.233380][T14950] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xb00000000000000}]}) 16:48:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xf00}, 0x2}}}, 0xf8}}, 0x0) 16:48:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 614.319527][T14950] attempt to access beyond end of device [ 614.342372][T14950] loop5: rw=2049, want=6434, limit=52 [ 614.378906][T14966] attempt to access beyond end of device [ 614.396916][T14966] loop5: rw=0, want=6434, limit=52 16:48:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 614.424216][ T27] audit: type=1800 audit(1591289303.039:1257): pid=14966 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x2500000000000000}]}) 16:48:23 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x10}}, 0x18) 16:48:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xc00000000000000}]}) 16:48:23 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x3b04}, 0x2}}}, 0xf8}}, 0x0) [ 614.531571][ T7238] minix_free_inode: bit 1 already cleared 16:48:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:23 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x6000}, 0x2}}}, 0xf8}}, 0x0) [ 614.654926][ T27] audit: type=1800 audit(1591289303.269:1258): pid=15020 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16286 res=0 16:48:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xd00000000000000}]}) 16:48:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 614.731014][T15020] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:23 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xfc02}, 0x2}}}, 0xf8}}, 0x0) 16:48:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x5c00000000000000}]}) 16:48:23 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x11}}, 0x18) 16:48:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0xe00000000000000}]}) 16:48:23 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x34000}, 0x2}}}, 0xf8}}, 0x0) [ 614.904414][ T7238] minix_free_inode: bit 1 already cleared 16:48:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0xffffffff00000000}]}) 16:48:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x1000000000000000}]}) 16:48:23 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x400300}, 0x2}}}, 0xf8}}, 0x0) [ 615.126596][ T27] audit: type=1800 audit(1591289303.739:1259): pid=15089 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16281 res=0 [ 615.171626][T15089] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 615.187513][T15089] attempt to access beyond end of device [ 615.196144][T15089] loop5: rw=2049, want=6434, limit=52 [ 615.208874][T15089] buffer_io_error: 6 callbacks suppressed [ 615.208883][T15089] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:23 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x12}}, 0x18) [ 615.247143][T15105] attempt to access beyond end of device [ 615.253212][T15105] loop5: rw=0, want=6434, limit=52 [ 615.258447][T15105] Buffer I/O error on dev loop5, logical block 3216, async page read [ 615.269183][ T27] audit: type=1800 audit(1591289303.889:1260): pid=15105 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x1000000}, 0x2}}}, 0xf8}}, 0x0) [ 615.338594][ T7238] minix_free_inode: bit 1 already cleared 16:48:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r6, r5, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = fcntl$dupfd(0xffffffffffffffff, 0x406, r4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r11 = fcntl$dupfd(r10, 0x0, r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r11, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}) ioctl$DRM_IOCTL_MODE_GETPLANE(r9, 0xc02064b6, &(0x7f0000000180)={r12, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000380)={0x2, 0x1, 0x6, 0x3, 0x1, [{0x1, 0xac4, 0x0, [], 0x1}]}) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000000000000830495eca8aa36411550000000000002bb3b21eb2cd770d00e4e099353948019695c05a5243031178faa8695d2fd9bc2235d6a9e662a8ea233bc916b5579185f8d6f8fa15fc83528d9b67e1034540e950dc6743ca8f1a3b88f2f34530f8fbe7a88f2db509c3d1845b3fe16c1af838dcf45be31e491fb020ad93e38493f057e2676b796d1264055812bd9617bfdf7e6f0a755f3bbb25e3cc1c69c3dea65cadb3dfeb0c512d5b530dbb2c9e893637b36f3a7bfea721e72c1e52dca1554e006279236f8902efee40fe4b08052edadc381cf1765973ee4005ca1030b2e136cb6c9e923ad3cf8bb5fe1"]) 16:48:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x1100000000000000}]}) [ 615.453118][ T27] audit: type=1800 audit(1591289304.069:1261): pid=15126 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16255 res=0 [ 615.492610][T15126] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x2000000}, 0x2}}}, 0xf8}}, 0x0) [ 615.544480][T15126] attempt to access beyond end of device [ 615.561690][T15126] loop5: rw=2049, want=6434, limit=52 [ 615.618101][T15126] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x1200000000000000}]}) [ 615.692847][T15156] attempt to access beyond end of device [ 615.712157][T15156] loop5: rw=0, want=6434, limit=52 [ 615.744114][T15156] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x3000000}, 0x2}}}, 0xf8}}, 0x0) 16:48:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r5, 0x8982, &(0x7f0000000000)={0x0, 'ipvlan0\x00', {0x1}, 0x1}) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) ioctl$VIDIOC_G_PRIORITY(r8, 0x80045643, 0x2) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01ff00000000000000"]) [ 615.787468][ T27] audit: type=1800 audit(1591289304.399:1262): pid=15156 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:24 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x17}}, 0x18) 16:48:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 615.845731][ T7238] minix_free_inode: bit 1 already cleared 16:48:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x2500000000000000}]}) 16:48:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x4000000}, 0x2}}}, 0xf8}}, 0x0) [ 615.988737][ T27] audit: type=1800 audit(1591289304.599:1263): pid=15192 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15842 res=0 [ 616.014914][T15192] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 616.057299][T15192] attempt to access beyond end of device [ 616.069823][T15192] loop5: rw=2049, want=6434, limit=52 [ 616.079431][T15192] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 616.094712][T15206] attempt to access beyond end of device [ 616.101002][T15206] loop5: rw=0, want=6434, limit=52 16:48:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 616.106483][T15206] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$NFT_MSG_GETRULE(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="28000000070a014400000000000000000500000408000940000000020900010073797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40480c0}, 0x400c000) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_RELDISP(r5, 0x5605) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 616.155049][ T27] audit: type=1800 audit(1591289304.729:1264): pid=15206 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x3f00000000000000}]}) 16:48:24 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x18}}, 0x18) 16:48:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x9000000}, 0x2}}}, 0xf8}}, 0x0) 16:48:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 616.293028][ T7238] minix_free_inode: bit 1 already cleared 16:48:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482, 0x0, 0x5c00000000000000}]}) [ 616.427073][ T27] audit: type=1800 audit(1591289305.039:1265): pid=15245 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16186 res=0 [ 616.462877][T15245] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:25 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xa000000}, 0x2}}}, 0xf8}}, 0x0) 16:48:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[]) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}, 0x0, 0xffffffffffffffff}, 0x0, 0x3, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000a40)='/dev/null\x00', 0x40, 0x0) getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000a80)=0x3, &(0x7f0000000ac0)=0x4) ioctl$MON_IOCT_RING_SIZE(r6, 0x9204, 0x32c3f) dup3(r5, r4, 0x0) getsockopt$TIPC_SOCK_RECVQ_DEPTH(r5, 0x10f, 0x84, &(0x7f00000009c0), &(0x7f0000000a00)=0x4) r7 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r8 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0xff, 0x0, 0x2000000000000000, 0x804, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b40), 0x4}, 0x1180, 0x0, 0x10000000, 0x0, 0x40000, 0x0, 0x4}, 0x0, 0x0, r7, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') get_mempolicy(&(0x7f0000000180), &(0x7f00000001c0), 0x0, &(0x7f0000ffa000/0x4000)=nil, 0x2) dup3(r9, r8, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000b00)=ANY=[@ANYRESOCT]) setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000280)=@mangle={'mangle\x00', 0x1f, 0x6, 0x6b8, 0x0, 0x4f8, 0x118, 0x0, 0x3e0, 0x5e8, 0x5e8, 0x5e8, 0x5e8, 0x5e8, 0x6, &(0x7f00000000c0), {[{{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}, {0x9}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@empty, @ipv4=@loopback, 0xa, 0x1b, 0x100}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@hl={{0x28, 'hl\x00'}, {0x1, 0x3f}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x3, 'system_u:object_r:logrotate_exec_t:s0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x3, 0x3f}}}, {{@ipv6={@dev={0xfe, 0x80, [], 0x24}, @local, [0xff000000, 0xff000000, 0x0, 0xffffff00], [0x0, 0xff], 'vlan1\x00', 'ipvlan0\x00', {0xff}, {}, 0x32, 0xdb, 0x6, 0x84}, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}, {0x2}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@private0={0xfc, 0x0, [], 0x1}, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1c, 0x2e}}}, {{@ipv6={@mcast2, @ipv4={[], [], @multicast2}, [0xffffffff, 0xffffffff, 0xffffff00, 0xffffffff], [0xff, 0xffffff00, 0xffffffff, 0xffffff00], 'erspan0\x00', 'veth1_to_hsr\x00', {}, {}, 0x17, 0x6, 0x0, 0x40}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@empty, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x33, 0x36, 0x101}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x718) [ 616.503308][T15245] attempt to access beyond end of device [ 616.529363][T15245] loop5: rw=2049, want=6434, limit=52 [ 616.553912][T15245] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:25 executing program 1: r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0xb6, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x4, @private1={0xfc, 0x1, [], 0x1}, 0x164}, {0xa, 0x4e24, 0x1, @mcast2}, r1, 0x9}}, 0x48) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:25 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xf000000}, 0x2}}}, 0xf8}}, 0x0) [ 616.670681][T15268] attempt to access beyond end of device [ 616.676342][T15268] loop5: rw=0, want=6434, limit=52 [ 616.693412][T15268] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:25 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x25}}, 0x18) 16:48:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x1a0280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x10000, 0x0, &(0x7f0000ffc000/0x1000)=nil}) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000380)) ptrace$cont(0x9, r3, 0x4, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 616.827380][ T7238] minix_free_inode: bit 1 already cleared 16:48:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100000000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:25 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x3b040000}, 0x2}}}, 0xf8}}, 0x0) [ 616.976760][T15306] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 617.006620][T15306] attempt to access beyond end of device 16:48:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ea, 0xea383, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff20}, 0x0, 0x0, r3, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x1, r3, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_QUERY_EXT_CTRL(r4, 0xc0e85667, &(0x7f0000001340)={0xc0000000, 0x6, "2a35dfef117fcec56ae27a430f9c3f3656122f750d50d58240e98e6233754cf5", 0x7fffffff, 0x80000001, 0x6, 0x4, 0x9, 0x1, 0x80, 0x9, [0x30, 0x8000, 0x401, 0x3f]}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000300)=ANY=[@ANYRES16=r3]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$RTC_RD_TIME(r6, 0x80247009, &(0x7f0000000100)) prctl$PR_SET_DUMPABLE(0x4, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$DRM_IOCTL_SET_UNIQUE(r8, 0x40106410, &(0x7f00000000c0)={0x1000, &(0x7f0000000340)="b98e192a39202c1cdf0a881b0997b0d8dc98fdef211bbb591831138d3fd6f13ce6cb0b8237dc97ddc7f9a69b87234fff57382b59c43652d5c5500a7583b94720999706ecbd48963eb7f6edf22c2c3a775bdd0ca341fe94a150369adb5425c4b2c3a8168662d56e101c06e1e02eb5d4e10a7f579e00e864590b4f00bdc1d7cc0dacd220742a221cdab08afb74fd5359bbca6a579e91af0a76a441128e4a984c051969263b8abb43430bb4dfbf23959f8e66b22ae2055c4ad23ba9ec77638257a62b114a40fb893c01c8c47ecf5077e7c6e2fc2bc70a52d12cd0fcc5fad098c335bb52fdab384bcb87766545c55841313f66421ff4711321a0aff15081919a4fbc9c4deff4a4955628a53bd887c41664f2ad0fa4c94c0f8557f930ee15ffd7bede9cdd1ad67a807974cb2e36954177a60aeca8f44910d2cef33c356dd33ccc6ee348afaa77ccb33da958533dc4f2426e8555b167007faa55d06c8498d2a74099078ecc62028f9b6c71ef4a5350cc55bdc061c24f2666088220ee4afd932316148e9077ade9325fd3522fbac011e02df68c5454935db50efd08a653c05e168f9bc8d631e059f058aec231a35a325904e4dbc86db16e57fe7ae8659adf4a04ac61ca5161b9e9d1675a8a04aac7d1eddcb4f8263cdae7b2a7045d53b1dbf70dedf543a31cd1a8f9456f566786a428776a6bb27e2247b78b86be89da9b353f1fcefc932a046f968d4722f4aba9e30fac4ed185c5143983d8ddffd39940048ed1a6fb73effdef42efe88efa361489ab38fd8eb446700f0a856d27f39c5151947081efb3e1f0b8fa8bd8328b05481d11915c48d30154751b51d64ac838d64683fabcea28136edca120acc734dbf49fa2695818769f8bbc841e4af585a202d79227bd91a38b6c458702fee54a1995e585b772166bc7bcd0721f853499a33a2f43cb284d90235a4151a64c4db4fe9446ec8a5107f6a5e2d4225784f9fef9cc7eaf571eb7a783dff41444c60e96ef477a0effd98e6c49a9ffbad236c065d9046889a9b9ea60ca47b1050acf82b5e74f26d94a67a9bfaefbbb625804bc13987914efc0c46f841ba55dd272cfcaca3eba5a59d4be5d634654e774f3d7195e9e9721479103f5fc970f54340c14dfc89717105506b96cdd6f1ac4f994c0145ef6fc0f5944fb324a07431b475651f59e58e117a9d6a1c055f500e5290ead78e27d55caaeace118e521f04819b1a7fef003115d0a995eae9737b83829b0a503c065ca0a9e792736b453ba62360497bfc1b3d997190acdc87e4c7fb55559d1f122808669225125565e1b71339d265d2e8cede0ff228539ada3418a5ac1fcfb1db9389766ed2d235896c308e464bec4f6e9494c1c4a0415de186ad3065b1dc6e7fde0edda9d2414681fe4f7923119a688f020991649b6a0463eb55ea4661407d82808a7ad3d69e62f7ff08f55abba06c7edb7f3ac6df3a59f38f2cd13b5d0edb72f641e045f063689afc4ff3eb8db4e621e0866690e2446fc1b3972f707dc11713379730e1d43fbfc10fa40c2be3f04177be49a2487c4afadb16c4ffaa6ce15dad03a8e213678d335eb5a6597727030a2238b606576fd7e67ddfa5a7320f7b17a9830089f2fb194d19e9426fa27113fa039d5ef75429c08dc7c2562c4e8a42c8a5c12046e079bfa81a96f047a412d8c5cf76a9d98fb7e9af957b2908d8574712567623364f9de7061c1111e2b7b6dc330f8aed83acf45469af822808c03afb34999eb21df440795b96985af5a095a03110093c67291103a7f2fdbb56ab2b74d3f2c2a50dce17104306998f6b04ab362bbd7bd4e94378e71dcd561c5b1ad30b405c0b936a2048bab4d2317e7e2577cdf83a676df2c043994a2d258c3b910ee9cb33b2371ef13c80ea7c762ea7801d65ec65982a04c5984ecbaab0cb5a31bc2fb18b0f5f989e44b3334c956ca216d7698df188b95e7f5f5d5367b4041da8b498a8f40bbada8f77af27afeed4e8f8035d77911af405ea5e81e7241b859208fe8259e9636e449ba3ece52e4c040aa1b399acbe23e2aae44a95c5076aa542e89efa66ed94c354c44dc96801a48faaa3f2c72612978c03efd588d0799794948dc21718496c2b977b3f77cfbeeb284b6919a6e75fc72833ae911d01406e93b05b4da4c259187fce8c3b767989ba10f52910fe6da2c0c2a72621a1ea772f4f3b7ad46d01bf46e233cc15be707a0dd46296f71269d4f0cd680a61a69c4b7f61d43ff1e63dc6494517d5019a1b487caeaf5d3b7778cd4d539baa6b30e4c5c2507518c08ae87cf002fdeb63fb46bab3a61615e2189e8cfa3a1677d8aea6c26966a7ff25a2ec8433690f5ed2b7e85fa7b7ffab5d9aba898a724bbcc3d760eb470e4566b91a70af384be5ea1a1e52f6c827b175f9300a182315a6b0d6aec7fbf33bbe77830146b05715f602718de47aadb42c69fba91c9fa3ab2ab4ac243747a75bb1ba1f0a70b923118f0f0922a2b9cc07371591bc1ab5a8538fb13bbd3f92050776d5bbe25cb8801e18ad5e49279830a647c33403743902f20f7675eb0be4b2c2e94c702354d3c60712351d27cdfb990206f257077c9cacca8f38208f6df2a206a49d823bbbf8970eb1a883cd4d3496750269d033064702a06e28d8b98d0903c349dac21f6a3b725b21a2baae378e553d65204eec485441e95676d271c89cc70eb0e9112274aa20545a6f229d70e840e79c2fcd1ded43e2263952e82ce51ddbe358fe9528de7cb09973783dae43e719ee8e62cca57018d93d117e38d5b903b222596da5aacb0967cbb3fb7419eb5d68955295d110f2cf69b585456fd4e5a87ecb6ce102949d284a7e3a9263d3d4262c9043c51786ab9bbd390bed80e056be3f5e003597fb957e13ecff33ae10eb8b960fb92a7f68a0809b2b0263432340924d739ed6cd9af1190c67b65d4fddecb0745d66ec13a645ec6fd9e6f7cdeda165903d8fd9096f50d8c83435ceafe03e492afd7fce34799b8320caad52c5850dabc846c0501e929c1eb6c13c99af42434719f8ec5ac93fb23b0e19714354a52556cd90b8399d50ab9f4685a57c3542fbc66129a5b80b8b076567986ecc05ced8f04a15178e15fae42698f9fb4aecf36551bc8b3084761df62bd04c43deb9127416478ef75efdb512702bd72875698f806ca9d8483b864437b5438e338c9a2adc54c410947838bd953638790457fd58249d507e76ba8bcd2e17aa962afe69d4bf1b2471f6fcdf9835d3d7932315fbe3d72ee5f0d409759203c893baadc5d2661cdeb754774c2bb6290796813d73e1279dfe5679ed8a7fea2a94c4271c62817725940c361785e6845f68fdeed8e01a60976d6cd74321852414f93c47f5618bef72335091c33ba091221ba149680b9bfd2d3e520019f45392db9f10c647a284ab36f60a03456c7e1e038832105e8e7b22a0be68d4830f4109ed5869d5bdc5fba3459dcd15b727e3b7839e742930e28953037f655c8ef7c11c41e6d6f722d3f469fc6914f6560293d0496876f1fefe8ce090d953acbf463b46196459724dfaf7221c577b6ab1596e0aee6819aded662a1b032d3c503051962601875c61cbec74e265f070a96d0be36a49eeb11e1e68acbdbbc909a2d4c3a25fa10f10f9015beba4f799413f6e89b4309b6b9447a621efcdb3757409ea585d2e8582bd1bd69d48d6d01cc9b35af02f1d127512feb98036659d42244ffb2f1c82100ca1f9cc69d0712ed6cb6d0cdb1d2aa228e62b7b9382676b184309bc32945111bd46a3acbb2eec9f7ab1e0e6d79f44abd7f6d7138780716bab5360ef5902c40a735219082c6c2c8840ebe8ad9c6e91e2a59c9fa45db629ec608b4cd3fba18f4ab469118c067796fedbc635acad9a5d3af8b80390c22647b1166201512f32460b5781f84543a3a2376e6a0be64c96e6d55fe9feee833de2f88d711112cce4756055f07869f324f30b4d3253ee565c8a4c9a7157aca8efea34228bb13de329d9861a3af4ecc77b20d3f347f101c278b4cfccd6396e7adb7c11a161897ae4cdebf5eef9c7c4404ccc12778618822305f254bdfbb173c3e56d74308b307dd6cd4d34bd1b4ded2354e570c1b42b4ccac74265f79fc51fb84db79014d7af76827d10f335e393f15e099f46227cca45e7e8bd58a84e74279de2ccdae5e4af7b56b1b9e96fff1339950ea60567d17af6d5ed522cf8523b09228d0389e5183f1a32b0838b1efd8201203d386d3d024e78848cc39aebfdd12d17f3a4c550dbd02a003065fc4bbeffb6157d6d3dbb19a76ddf4d45ce4d67e086c0665460a032fd0b2756743f3f3597c4ea268370c593384906847813e48f316af346387270a9c14baf629e712381a43ba112dc434918e1c3c1b363420d1c29f379b81bfa27a007374d189219193f242455acf7c39d0c22e2e8ffac540f8cd72dfe5b5fe95ed7c66a18490779b12fc7ade8a65b6df4e9f84c5141173be5cb29a689d110ae8a7498eeef2a685176e0a1110b6d4540e14436292ac3188c877d89b5e11bbd14ca2c5712a3066e4015c415116074b2e994a94f9f9a73d43efc6eb8a36ffaabf839b7dcaa0357fd5edef22e94d9a3bbda5552251a275d52bc714a79259397a850b036ce811cd5ae80d19faa8c5c04831f8731c2b7b954ec3de312d2873686e918912c0900609347b92056700ce2ecee955c98d08979c94929cbded9e58b0412e3fc026723ea85cf2c7cf60b37e28a450438a6567ed5fcad972927127661e8c3f2a55a7a010617cebad3f5517da72bff7a64238643de23fdf1f3182db76248957544be2eefd76e60025487e6da52e166ad2bb2b61cc6a29591fb18dc608dc2ea7df9b617db663ac72176eab7f121aab503f67b766b67a3fa2537a05f2bfc778ee6a27acf2ae716b8f7764f41ca02ad3e349ad2ae8a18956b2c4bc737e8f6ddf8e364d527266ce7a8814a3a4bdc08557b6dbc5504a76155cdf4fe9411e6e28133c0a1f4c8a78738408890054bc73f22ddcacd7a8ca669da3e56df55b7486f28df790426ad2979733e5c3d065c6795ec9c50fa1c12deedb2c0401b5b6fa299f666d3ad9ba3133a0d4458275de00a22b3714fe64a8afbb0be20bb2a4e23233b875f95e018d056bf4be8e95628ed37f3cf268f1c5cb8495e4be60c22b47c11d40b9c9fad613ebdaa52632d278add07ede5b96b187cf735644f72448185e2ea208b63e746fcfe558f5513b9239f448d736a162396db79d99ed97cc43da0de21a93da4dcb3fdb2b373f9cd13645bd4b4c8e44b1bf2d56db81a936ac8745d7d302552968d0c614cc6d3201f1c5c0375209f524bedcd6d11886774139e4c63d0d5bd18f3f5d24543f3c1c9a734e5afb51d4427d21514e81df37a9fc4c80629bb2ce2ec37a7e7249d3fbcd81a441ae46727bd1202742243c6479d4db22abae5b9bc6231d4c608c6b62636eb119f4239f0394655d0cc35c2a5ca609cb9b5a290837391cb142186a4cb97c16f4f024ad4ca8f27ce96e6d7a2c099ab9b79dc0c28a023cedcd7c7ab155d28ec96050662a2c16efec290e9288deab876e37c3f0c0170681bf0c9b56d8fa0e1cb337bff4a8ccdd564659f9c8d9d6bd4422cfc3ce04615b666375ccb8e00ec7fe15d9440c99f1e854d98a819003a4180e761ebc02b9203370d6e698fda11b535167aa5cf406b27d0218bffb23fc28e036968c20a253863f2f379c04593d54887b33ea59a78f4650280622cfa7158a0aba7bbfedee544cba194d30e848fe403050a23873b1747f3cdca1120d27a95bea5d51804660b52dd6df5a60577594"}) [ 617.047127][T15306] loop5: rw=2049, want=6434, limit=52 [ 617.102459][T15306] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100000000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:25 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x60000000}, 0x2}}}, 0xf8}}, 0x0) [ 617.160211][T15322] attempt to access beyond end of device [ 617.165871][T15322] loop5: rw=0, want=6434, limit=52 [ 617.189804][T15322] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:25 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x48}}, 0x18) 16:48:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0xc1eccbb5aea71e7, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) ioctl$VIDIOC_QUERYBUF(r2, 0xc0585609, &(0x7f0000000280)={0x10000, 0x3, 0x4, 0x80000, 0x80, {r6, r7/1000+60000}, {0x4, 0x8, 0xfa, 0x6, 0x3, 0xff, "2e11a677"}, 0x4880, 0x3, @offset=0x3f, 0xfffffff7, 0x0, r4}) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x80, 0x3, 0x0, 0x0, 0x5, 0x90003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x10}, 0x0, 0x0, r8, 0x0) r9 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0x2}}, 0x0, 0x0, r1, 0x0) r10 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r10, r9, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r11, 0x4008ae8a, &(0x7f0000000100)=ANY=[@ANYBLOB="03bc000400000000000000dc69cfce8819ee000001000093544531e19f000000005edc8cbd00"/49]) ioctl$KVM_SET_MSRS(r11, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 617.280205][ T7238] minix_free_inode: bit 1 already cleared 16:48:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100000000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:25 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0x9effffff}, 0x2}}}, 0xf8}}, 0x0) 16:48:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/43]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 617.470271][T15347] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 617.527286][T15347] attempt to access beyond end of device [ 617.564818][T15347] loop5: rw=2049, want=6434, limit=52 [ 617.620968][T15367] attempt to access beyond end of device [ 617.626652][T15367] loop5: rw=0, want=6434, limit=52 [ 617.704964][ T7238] minix_free_inode: bit 1 already cleared 16:48:27 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x4c}}, 0x18) 16:48:27 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xefffffff}, 0x2}}}, 0xf8}}, 0x0) 16:48:27 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) ioctl$HIDIOCGUSAGE(0xffffffffffffffff, 0xc018480b, &(0x7f0000000080)={0x2, 0x1, 0x101, 0x1f, 0x6, 0x7}) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000300), 0x8}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x10, 0xffffffffffffffff, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r6, r5, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={0xffffffffffffffff}, 0x13f, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r6, &(0x7f00000002c0)={0xf, 0x8, 0xfa00, {r9, 0x2}}, 0x10) ioctl$VIDIOC_G_JPEGCOMP(r4, 0x808c563d, &(0x7f0000000100)) 16:48:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/43]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x24c2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000380)) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x6, 0x5, 0x0, 0x4a, 0x0, 0xd572, 0x84400, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x9}, 0x418, 0x4, 0x7, 0x0, 0x0, 0xd8fe, 0x20}, r5, 0x9, r6, 0x2) r7 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r7]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000e600000000"]) [ 619.349580][ T27] kauditd_printk_skb: 5 callbacks suppressed [ 619.349589][ T27] audit: type=1800 audit(1591289307.959:1271): pid=15403 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16359 res=0 [ 619.394860][T15403] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 619.417743][T15403] attempt to access beyond end of device [ 619.426950][T15403] loop5: rw=2049, want=6434, limit=52 [ 619.438488][T15414] attempt to access beyond end of device [ 619.472084][T15414] loop5: rw=0, want=6434, limit=52 16:48:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xf0ffffff}, 0x2}}}, 0xf8}}, 0x0) 16:48:28 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x60}}, 0x18) [ 619.498789][ T7238] minix_free_inode: bit 1 already cleared 16:48:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/43]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 619.576816][ T27] audit: type=1800 audit(1591289308.089:1272): pid=15414 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 [ 619.625074][ T27] audit: type=1800 audit(1591289308.179:1273): pid=15423 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16300 res=0 16:48:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xfc020000}, 0x2}}}, 0xf8}}, 0x0) 16:48:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) ioctl$VIDIOC_S_FBUF(r3, 0x4030560b, &(0x7f0000000000)={0x0, 0x29, &(0x7f00000000c0)="82aa6b6d69b8c0b925431c975e4be855e99c50a0d44fc189e51869bbd456c93bd8c69fcf3aca1a8bd48f692757d34a5cbed469245847960442956e2dd17781d54a084d557c2600bc2ec1b443325351cb11faa0a9c0971cf1394f8a23bb15bd47e319f344e530af2d08908316def17cbf0d7bfbe9df", {0xd196, 0x7f, 0x39565559, 0x7, 0x200, 0x2, 0x9, 0x1}}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:28 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x68}}, 0x18) 16:48:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/44]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 619.847738][ T27] audit: type=1800 audit(1591289308.459:1274): pid=15448 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16312 res=0 16:48:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xffff0000}, 0x2}}}, 0xf8}}, 0x0) [ 619.929642][T15454] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/44]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xffffff7f}, 0x2}}}, 0xf8}}, 0x0) 16:48:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r6, 0x8982, &(0x7f0000000180)={0x7, 'team_slave_0\x00', {0x2}, 0x7}) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r4, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r8 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280), 0x8}, 0x0, 0x0, 0xf1f, 0x0, 0xf538, 0x3}, 0x0, 0xd, 0xffffffffffffffff, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r9, r8, 0x0) setsockopt$inet_udp_int(r9, 0x11, 0x65, &(0x7f00000001c0)=0xfffffffc, 0x4) getsockopt$sock_int(r7, 0x1, 0x20, &(0x7f0000000000), &(0x7f0000000100)=0x4) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 620.064482][ T7238] minix_free_inode: bit 1 already cleared 16:48:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x20800) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000000000000830400000000000000000000000000002ac84ad5be1eced49bedae60929509848e2d4ef2aa5c93a58fea23a2ccd95a46f2312fbf0bf4f810797ae79d87a711d2c3ea68ae1cc4206e7e8ebb178ec2eebd7fe88c95f4dc5f5049236c115b076cfa1db59e7c1fa88dc70d189d21a3c732f9b69ccd74e1149083af00cb0d09"]) 16:48:29 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x6c}}, 0x18) 16:48:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/44]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xffffff9e}, 0x2}}}, 0xf8}}, 0x0) 16:48:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000000000)='memory.swap.current\x00', 0x0, 0x0) ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000000180)=0x7f) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r7 = dup(r5) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r7, 0x84, 0x65, &(0x7f0000000100)=[@in6={0xa, 0x4e20, 0xd6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5}, @in6={0xa, 0x4e21, 0xcb2, @private0, 0x1}, @in={0x2, 0x4e20, @multicast2}], 0x48) ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 620.458019][ T27] audit: type=1800 audit(1591289309.069:1275): pid=15495 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16348 res=0 [ 620.536133][T15501] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xffffffef}, 0x2}}}, 0xf8}}, 0x0) 16:48:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 620.582094][T15495] attempt to access beyond end of device [ 620.587914][T15495] loop5: rw=2049, want=6434, limit=52 16:48:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r3, 0x0, r3) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYRES16=r3]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000054000000000000000000000000000000000000dd7784db0000ce3b573b7af8a38eb90c2e09de87bd1fb918a76d56e660bb1245777f5f9e0cf8ee4241"]) 16:48:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {0x0, 0x0, 0xfffffff0}, 0x2}}}, 0xf8}}, 0x0) [ 620.671390][T15495] buffer_io_error: 4 callbacks suppressed [ 620.671400][T15495] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 620.738530][T15501] attempt to access beyond end of device [ 620.749387][T15501] loop5: rw=0, want=6434, limit=52 [ 620.754555][T15501] Buffer I/O error on dev loop5, logical block 3216, async page read [ 620.786078][ T27] audit: type=1800 audit(1591289309.399:1276): pid=15501 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r6, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r6, 0x0) mmap$binder(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x11, r5, 0x5b) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r7 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r6, 0x84, 0x79, &(0x7f00000000c0)={r8}, 0x8) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000100)={r8, 0x1}, &(0x7f0000000140)=0x8) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03620800000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000011000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000082b37500"/24]) 16:48:29 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x74}}, 0x18) 16:48:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}}, 0x0) [ 620.886592][ T7238] minix_free_inode: bit 1 already cleared 16:48:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8, 0x80000000}, 0x0, 0x0, r3, 0x0) socketpair(0x2c, 0x3, 0x7f, &(0x7f00000000c0)) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483, 0x0, 0x4}]}) [ 621.055465][ T27] audit: type=1800 audit(1591289309.669:1277): pid=15567 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16364 res=0 16:48:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x2}}}, 0xf8}}, 0x0) 16:48:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x284080, 0x0) acct(&(0x7f0000000080)='./file0\x00') r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, 0x0) [ 621.110677][T15572] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 621.168721][T15567] attempt to access beyond end of device [ 621.191495][T15567] loop5: rw=2049, want=6434, limit=52 [ 621.237083][T15567] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x3}}}, 0xf8}}, 0x0) [ 621.289136][T15572] attempt to access beyond end of device [ 621.316030][T15572] loop5: rw=0, want=6434, limit=52 [ 621.343507][T15572] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:30 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = fcntl$dupfd(r0, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) move_mount(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', r3, &(0x7f00000000c0)='./file0\x00', 0x6) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cf00000000000000ef33ba508a62b4fd6da983b8587645ed9486e1f0d4b1d7abb56bddf69e50acf748e62505973746589bfdacc32978230a7eb8a21bb10a4edc6393a2907816fafbbe7722e81686d40d661325db170000000000"]) openat$md(0xffffffffffffff9c, &(0x7f0000000100)='/dev/md0\x00', 0x44082, 0x0) r7 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r7, 0x0) r8 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r7, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r9, r8, 0x0) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_SET_STATION(r9, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x84, r10, 0x300, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x1ff, 0x974}}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x2c, 0xac, "22fa145700a255fe98baa0707b3fe41bcaf9b088784068900a356790ad19f5a66d42e76cdb0893ca"}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x3}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x80}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x1}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x7}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x5, 0x13, '$'}]}, 0x84}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x40047459, &(0x7f0000000680)=0x8020230) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f00000005c0)={0x0, 0x0}) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000600)={0x4, 0x1, 0x4, 0x2, 0x7, {r3, r4/1000+10000}, {0x2, 0x1, 0xe0, 0x0, 0x80, 0x3, "7be58179"}, 0xfffffffc, 0x2, @fd, 0x2d, 0x0, r6}) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) ioctl$KVM_SET_CPUID(r9, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="050020fd000000ff000000000006005ee8315b0000e3b300696402e58bee0000010500000000000000003cb75dd1940000ef"]) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x800c80, 0x0) ioctl$KDFONTOP_SET_DEF(r10, 0x4b72, &(0x7f0000000500)={0x2, 0x0, 0x2, 0x19, 0x1f7, &(0x7f0000000100)="c7d5fd6901f77e770bf2abba3ef6101b8f2e57d454713df5b2746ebdb0117b88807dba26ec4b3888424c524691a06efa60aac5709008212dff465bf4856440a66c0b6b82839ecdb07a1393031005b04d2d7e93089373fbc73ef5893bbc90ee34e2851cd609b59f61ab064e5521eadd2081469ab6415a6492d979ab12a9fc0478ec51ce0ccdfe0d0f38cd7dba1fbce675dca2f4eaf64651d15c004a84468469098bfc4bc6e0604ba8fbb4c1adb0c53ade258ee308b3a078f624c656efe0b0491ab26b703b65e0b52403d6c02ab08080c252fc3c42df991fc339902ef1d0fdada1657fa1ae093118d9552e5c556a0306601d9c48d2add28695ae5842da037c9292153e9753b46e92f7d3bba6ce15ce0ecf5f690ef28cfcb9545dd6169cfec975611413da87d363c2e5cb17fb8320f5355164c2ec740771ae273e0e006aef3136e88364e0452c9e4f3263c9750c22642956f6053476e9d13d2bfd64cf3ddec9b58458f589e77f1efdc9957de35c4bdfabdbfc734434519ee4445884a92f2cbb5a17a6ebb831a1089e4ca4e9e58276a403c10eb8964ac4b1139266c7fbfb73be303eae133117f311933fa1542c01654d483eba02fdfd7482ee178b0fe9184fc140ec5378b5adf44890e95bfd088ea7263800c3135c32edfb70b781aaf6cda1f1669380c6daef0da2b10081d1e4c2279c0f7f03b4a98a07343e0781e3cb7eea3d123bc468ba2666d1e1c8911606b536d7f2f023b3b5c0860a7f67fbfdf75e2be763d89185e4d165153af951b040d3ea0e41f1223f62dae8689807ff0af299025857e1397ac82dbe5092b5771e6df8e221678c7ac7d49cf46b64ba87144e5c71ad16f12cf36e356e6849481ea91f0d34efe544b3b0c9de59bd14b03d033b936dc6672b59b699318089262790abcb3ad09bb5bac16c5b493ac2359e92ffde6be7b64b6fcc793b19e992628ea6f9ca0c00230b5dbc411bc48befd9d2352a90e99153812ac3d6d907b314e39a1dd9650b022de2c232ee2ef70758db6962070fb28aab9e2552911f2a31fb0aa885fe64158a8866433575b1d0365f730d00cb552a4791a69a7b4e7b89ea53dc3abc43917b44241b38caa8716dc6dfc8058fe806e66580f2a45b94ef1aa13b2e833dbc28a8dfacaab6d4cdc8c46a84d8738a7fa110d197afa771c4ed6b0b0041ed365b5f5d9d09b8747d824d760044e6400eb9f9717475b37dca121b890a866337762ee2642b7f7c755b3ae6fa3227bca61f34451ed6a951f9588e379d411ba2dfc839875c88a218ccee452ba1a22eb065359115ba6c0684381ea2b288e78af59968070c00d0100d417400f025eb26bd5ff27537a9d5b6a8645346299ae388b86e4f1886dbc83c2f7e9d070b2aa598583c1ec70992c65d4488adeb20d0ffa6a47f52488985568d6caddde8dce3db448d717080f9d7d4bac615"}) ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r11 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm-control\x00', 0x400202, 0x0) ioctl$SNDRV_PCM_IOCTL_REWIND(r11, 0x40084146, &(0x7f0000000580)) [ 621.382742][ T27] audit: type=1800 audit(1591289309.999:1278): pid=15572 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:30 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x7a}}, 0x18) 16:48:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, 0x0) 16:48:30 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x4}}}, 0xf8}}, 0x0) [ 621.444695][ T7238] minix_free_inode: bit 1 already cleared [ 621.579196][ T27] audit: type=1800 audit(1591289310.189:1279): pid=15619 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16382 res=0 [ 621.614566][T15619] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:30 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x9}}}, 0xf8}}, 0x0) 16:48:30 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) r0 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r2, r1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000080), 0x2}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r8 = fcntl$dupfd(r7, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r9, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r10, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) [ 621.660779][T15619] attempt to access beyond end of device [ 621.682289][T15619] loop5: rw=2049, want=6434, limit=52 16:48:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, 0x0) 16:48:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f0000000100)={[0x8, 0xfffff779, 0x9, 0x40, 0x0, 0x7fff, 0x5, 0x2, 0x4, 0x120b, 0x7fff, 0x2, 0x9, 0x1f, 0x80, 0xa8b9, 0x2, 0x3, 0x0, 0x2, 0x34, 0x3, 0x5, 0x1ff, 0xffff, 0x7fffffff, 0x3, 0x4, 0x0, 0xfffffff9, 0xffffff54, 0x3061, 0x2, 0x40, 0x3, 0x4, 0x81, 0x4, 0x1, 0x8, 0x80000000, 0xbbfb, 0x1ff, 0x401, 0x7, 0x1, 0x7, 0x401, 0x5, 0xff, 0xfffffff8, 0x90ab, 0x7, 0x3ff, 0x9, 0x7, 0xfffffff8, 0x4, 0xffffffff, 0x8001, 0x3, 0x2, 0x3, 0x6, 0xbec3, 0x1, 0x1f, 0x9, 0x4d, 0x8d42, 0x3, 0xd03, 0x5a8b, 0x1, 0x4, 0x7, 0x3, 0x8, 0x5, 0x2, 0x0, 0x1, 0x7, 0x6, 0x3, 0x401, 0x401, 0x10, 0xf5c7, 0x0, 0xc6ac, 0xff, 0x6, 0x2, 0x9, 0x5, 0x800, 0x20, 0x79, 0x45d576fe, 0x7, 0xfffff729, 0x4957, 0x4, 0x7, 0x0, 0xffff0001, 0x6, 0xd48d, 0x8, 0x1, 0x0, 0x0, 0x5, 0x3, 0x80, 0x20, 0x5, 0x5, 0x80000001, 0xeaa, 0x2, 0x4c, 0xb8, 0x0, 0x926a, 0x81, 0x9, 0x20, 0x3, 0x6, 0x8, 0xfff, 0x4, 0x82a, 0x80000001, 0xf23, 0x3, 0x8, 0xfffffff9, 0x9694, 0xd2, 0x2, 0xf3b, 0x0, 0x5, 0x1, 0x6, 0x1, 0x6, 0x7fff, 0x5, 0x8, 0x101, 0x6, 0x0, 0x3, 0x3, 0x9, 0x80, 0x1, 0x3c5, 0x5, 0x6, 0x3, 0x3, 0x4, 0xc1, 0xffff, 0x7, 0x1, 0x7, 0x1, 0x2, 0x8, 0x8, 0x8, 0xff, 0x9, 0x8, 0xff, 0x8000, 0x800, 0x81, 0x9, 0x0, 0x5, 0x6, 0x8, 0x2, 0xfffffffd, 0x5, 0x10001, 0xa4ac, 0x8, 0xfff, 0x1, 0x7fffffff, 0x5, 0x2, 0x4, 0x2, 0x1, 0x9, 0x200, 0x2, 0x0, 0x100, 0x3, 0x101, 0x7de5, 0xf3, 0xa7, 0x3, 0xa1, 0x10000, 0x9, 0x8, 0x4, 0x4, 0xfffffffd, 0xfffffffb, 0x7, 0xd9, 0x3, 0x7b6, 0x2, 0x9, 0xbf, 0x10001, 0x4, 0x2, 0x2, 0x0, 0x5, 0x200, 0x3, 0x4, 0x0, 0xc, 0xffff, 0x6, 0x310, 0x6, 0xfff, 0x0, 0x5, 0x35a, 0x39, 0x401, 0xffffffe0, 0xff, 0x2, 0x94, 0x800, 0x101, 0x3, 0x1, 0x2, 0x3, 0x6, 0xff, 0x4, 0x1, 0x8, 0x0, 0x0, 0x1f, 0x5, 0x9, 0x4, 0x6, 0x1000000, 0x100020, 0x10001, 0x0, 0x4, 0x0, 0xffff, 0xbc, 0x8, 0x15dc, 0x0, 0x310, 0x4, 0x6, 0x10001, 0xb850, 0x4, 0x0, 0x0, 0x6, 0x4, 0x6, 0x9, 0x7fffffff, 0x100, 0x8d, 0x4, 0xffff, 0xffffff93, 0xffffffff, 0x81, 0x7fff, 0x1, 0x200, 0x80000000, 0xfffffffa, 0x3, 0x1, 0x5, 0x101, 0x2, 0x0, 0x6, 0x112, 0x0, 0x7, 0x2, 0x7fffffff, 0x9635, 0xfda3, 0xecac, 0x20, 0x7ff, 0x200, 0xbc, 0x5, 0xff, 0x0, 0xca, 0xae1, 0x4, 0x0, 0x1, 0x7, 0x9, 0x7, 0x5763384d, 0x7fffffff, 0x6, 0x9, 0x3, 0x0, 0x2, 0x2, 0x8, 0xe4, 0x4, 0x8a14, 0x7, 0x4, 0x8, 0x200, 0x86b, 0x401, 0x8001, 0x20, 0x0, 0x9, 0x2, 0x8, 0x5a4, 0x400, 0x7, 0x4, 0x5, 0x0, 0x7ff, 0x0, 0x259, 0xffffffff, 0x8, 0x4, 0xfffffff9, 0x3, 0xffff75a0, 0xfff, 0x1, 0x1484, 0x23ae968f, 0xffff, 0x2ad, 0x3, 0xfdbb, 0x1, 0x40, 0x7, 0x7, 0x5, 0x1, 0x100, 0x2, 0x6, 0x5, 0x9, 0x1, 0x3ff, 0x6, 0x7, 0x101, 0x8, 0x20, 0x40, 0x9c4d, 0x9, 0x4, 0x2, 0x1000, 0x2, 0x1, 0x800, 0x3, 0x20, 0x0, 0x0, 0x40, 0x0, 0x0, 0xc6, 0x401, 0xb406, 0x6, 0x400, 0x9, 0x1, 0x9, 0x6, 0xfab, 0x1, 0xffffff81, 0x5, 0x10001, 0x20, 0x7fff, 0x6d2, 0x7, 0xd99, 0x6, 0x2, 0x23f8f002, 0x2, 0x5, 0x7fffffff, 0x3f, 0x9, 0x200, 0x7fffffff, 0x3, 0x3, 0x3, 0xe004, 0x42, 0x5, 0x2, 0x7fffffff, 0x0, 0x2, 0xff, 0x1, 0x3ff, 0x4, 0x36, 0x401, 0x8001, 0x7, 0x6, 0x6, 0x4, 0x0, 0x401, 0x302a434d, 0x9, 0x1dc, 0xfffffff7, 0x7, 0x0, 0x1950, 0x1, 0x7, 0x0, 0x3, 0xffffffff, 0x7f, 0x4, 0x4, 0x7, 0x5, 0x5e1f894a, 0xfffffffa, 0x47, 0x1f, 0x2, 0x4, 0x3, 0xffffff7f, 0x1, 0x800, 0x0, 0x7, 0x9, 0xfffffff8, 0x1c00, 0x6, 0x8, 0x9, 0xffffffbc, 0x0, 0x1f, 0x3ff, 0x3, 0x5, 0x1, 0x2, 0x1, 0x3, 0x0, 0x0, 0x8, 0x4, 0x4, 0x5, 0xfff, 0x401, 0x0, 0xfffff001, 0xb5, 0x80000000, 0x5, 0x4, 0x6, 0x1, 0x728, 0x1, 0x6, 0x1, 0x2, 0x401, 0xffffffff, 0x8, 0x7fffffff, 0x1, 0x2, 0xff, 0xffff, 0x8, 0x8000, 0x24000000, 0x703, 0x3, 0xa80, 0x4, 0x81, 0x0, 0x5, 0xff, 0x4534, 0x7, 0x20, 0x8, 0x3, 0xff, 0x401, 0x4, 0x101, 0x4, 0x3336, 0x5, 0x2, 0x8, 0xe5, 0x84, 0x5, 0x6, 0x5, 0x4, 0x1000, 0x1, 0x42, 0x9, 0x4, 0x202, 0x1, 0x2, 0x4, 0x734, 0xff, 0x3, 0xfff, 0x7, 0x3, 0xffffffff, 0x3ff, 0x80, 0x40, 0x80b4, 0x7, 0xfffffffb, 0x80, 0x100, 0x9, 0x8, 0xff, 0x1, 0x200, 0x0, 0x3, 0x8, 0x0, 0x1, 0x7, 0x5, 0x1, 0x5, 0x401, 0x0, 0xffffffff, 0x6f03, 0x1, 0x4a, 0x8001, 0xb86, 0xecf, 0x8, 0x6, 0x68, 0x81, 0x3, 0x101, 0xb6ac, 0x0, 0x2, 0x8, 0x7fff, 0x6, 0x0, 0x7, 0xfa, 0x8, 0x4, 0x8, 0xfffffff8, 0xfff, 0x6, 0x4, 0x0, 0x853, 0x2, 0x967, 0xfffffff7, 0x10000, 0x5, 0x8f, 0x10000, 0x6, 0x393e, 0x0, 0x401, 0x5, 0x5, 0x80000001, 0x3fe0, 0x6e, 0xfffffff8, 0xfffffff9, 0x80, 0x6, 0xd12, 0x0, 0x738, 0x8000, 0x1b, 0x9, 0x7, 0x3, 0x40, 0x3, 0x5b, 0x3, 0x10000, 0x7fffffff, 0x4, 0xffffff04, 0x541, 0x7, 0x2, 0xff, 0x9, 0x10001, 0x7fff, 0x5, 0x7, 0x4, 0x80000001, 0x638c, 0x10001, 0x5, 0x7, 0x8, 0x72bf, 0x1, 0x100, 0x5, 0x400, 0x0, 0x401, 0x2, 0x81, 0xfffff800, 0x2, 0x4, 0x0, 0x8000, 0x7f, 0x100, 0x5, 0x3, 0x1, 0x80000001, 0x0, 0x7fffffff, 0x5, 0x4, 0x7, 0x8, 0x78, 0x3ff, 0x5, 0x10001, 0x7, 0xb665, 0x10001, 0x1ff, 0x9, 0x1, 0x47a, 0x90, 0x1000, 0x11, 0x1, 0x80, 0x0, 0x8000, 0x9d2b1f0, 0x7, 0x0, 0xfffffe01, 0xfffffffa, 0x6, 0x0, 0x20, 0x0, 0x1ff, 0x2, 0x2, 0x4d0c, 0x7, 0x1, 0x1f, 0x8000, 0x6bb, 0x8, 0x100, 0xffffffff, 0x6, 0x0, 0x80000000, 0x0, 0x80, 0xfffffffb, 0x7, 0x3, 0x2, 0x971, 0x7, 0xffff, 0x1ff, 0x3, 0x101, 0x9, 0x7, 0x8, 0xd2e, 0xffffff80, 0xfff80000, 0xff, 0x1ff, 0x4, 0x5, 0x1ff, 0x7f, 0x2, 0xf2, 0x9, 0x4, 0x3, 0x8000, 0xffffffff, 0x80000000, 0x9, 0x4, 0x5, 0x1, 0x8001, 0xffff, 0x1, 0x8, 0x5a4, 0x1, 0xffffa2cc, 0x20, 0x7, 0x3, 0x1f, 0x8, 0xff, 0x81, 0x10000, 0x3, 0x4, 0x3, 0x7f, 0x3f, 0x517b, 0x8a1, 0x1, 0x0, 0x1, 0xc0, 0xffff8000, 0x80, 0x1, 0x601, 0x12f, 0xffffffe1, 0x5, 0x3, 0x2, 0x57, 0x82b, 0x6f0be58c, 0x8, 0x7, 0x100, 0x6, 0x3, 0x8, 0x5, 0x7, 0x8, 0x1, 0xffffffff, 0x40, 0xacd0, 0x7, 0x4, 0x3, 0x4, 0xfdf, 0x200, 0x6, 0x1, 0xeaa, 0x1, 0x2, 0x80, 0x6, 0x652b, 0x7fff, 0xffffffff, 0x3, 0x0, 0x400, 0x8000, 0x1, 0x80000000, 0xa97, 0x2, 0x0, 0xefc5, 0xa5, 0x3, 0x10001, 0x1000, 0x80, 0x20, 0x7, 0x2, 0x400, 0x7, 0x2, 0x55, 0x5, 0x7ff80, 0x7, 0xffffffe1, 0xffffff81, 0x3, 0x80000000, 0x400, 0x8, 0x5, 0x3, 0x20, 0x1, 0x0, 0x5, 0x1, 0x1, 0x60f, 0x0, 0x81, 0x2, 0x5, 0x9, 0x7, 0x6, 0xa9, 0x3f, 0x2, 0x3f, 0x7, 0x5, 0x5, 0x200, 0x5d3e6436, 0x2, 0x8, 0x7fffffff, 0xfff, 0x9278, 0x4, 0x1, 0x1, 0x1, 0x6, 0x5, 0x8, 0xffffffe0, 0x31b9, 0x3, 0x5, 0x40, 0x3f, 0x400, 0x34080000, 0x8001, 0x7, 0x6, 0x3, 0x4, 0x7, 0x8, 0x7fffffff, 0x40, 0x0, 0x5, 0xfff, 0xfffffffd, 0x4af7, 0xb4a1, 0x8000, 0x7f37ad50, 0x1000, 0x7, 0x80, 0x8000, 0x7ff, 0x0, 0xfff, 0x1, 0x505, 0x8, 0x20, 0x4d9d, 0x1f, 0x6, 0x80, 0x36, 0x3ff, 0x1c5, 0x1000, 0x101, 0x2, 0x5, 0x2, 0x3, 0x659, 0xffff, 0x2f800000, 0x13e4, 0x0, 0x2, 0x4, 0x4, 0x5d, 0xfffffffa, 0x9, 0x7, 0x85d, 0x0, 0x7, 0x6, 0x9, 0xffffd872, 0x9, 0x2, 0x7f, 0x8, 0x9, 0x8, 0x0, 0x43b, 0x50, 0x6, 0x1, 0x7f, 0x9, 0x3, 0xfffffff9, 0x2, 0x7, 0x5, 0x8]}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ptrace$setopts(0x4200, 0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x620000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) r3 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000000), 0x10) [ 621.741403][T15619] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 621.775297][T15636] attempt to access beyond end of device [ 621.823621][T15636] loop5: rw=0, want=6434, limit=52 [ 621.842829][T15636] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:30 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xa}}}, 0xf8}}, 0x0) 16:48:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)) [ 621.882288][ T27] audit: type=1800 audit(1591289310.499:1280): pid=15636 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:30 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xf0}}, 0x18) 16:48:30 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x8401, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000080)={0x2, 0xeed}) ioctl$KVM_SET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 621.928240][ T7238] minix_free_inode: bit 1 already cleared 16:48:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000100)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010031580000000000000000ef1267bec56b6eb1525c6eb1"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}}, 0x0, 0x0, r3, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') ioctl$TUNSETPERSIST(r4, 0x400454cb, 0x0) 16:48:30 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xf}}}, 0xf8}}, 0x0) 16:48:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)) [ 622.076920][T15674] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 622.114864][T15674] attempt to access beyond end of device 16:48:30 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/vmstat\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r3, 0x40485404, &(0x7f0000000040)={{0xffffffffffffffff, 0x0, 0x4, 0x0, 0x1000}, 0x9, 0x88c1}) prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='ethtool\x00') r4 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r6, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) [ 622.137101][T15674] loop5: rw=2049, want=6434, limit=52 [ 622.191267][T15674] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)) [ 622.255638][T15692] attempt to access beyond end of device 16:48:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) write(r0, &(0x7f0000000180)="b9dbdf25a9e7eeb8cc931cfe69bfaec948087013dfe538213796c8ebc4c2241f3b9646cea404b62589a89ea5586c32da97e351a032ec2b3545062cb2502d3359886cc02db6d0d9fe2418eb349a9d0c584e3634cd8fc069d43fa4f0f459269dd9b0ca24057ce271b257d02b94c33fd17203e42e59", 0x74) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:30 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x60}}}, 0xf8}}, 0x0) [ 622.316431][T15692] loop5: rw=0, want=6434, limit=52 [ 622.328858][T15692] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:31 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x204}}, 0x18) 16:48:31 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f0000000000)={0x0, {{0xa, 0x4e22, 0x8000, @private0={0xfc, 0x0, [], 0x1}, 0x69a}}}, 0x88) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{}]}) 16:48:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$ASHMEM_PURGE_ALL_CACHES(0xffffffffffffffff, 0x770a, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x75747}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc, 0x1, 'macvtap\x00'}, {0x4}}}, @IFLA_LINK={0x8}]}, 0x3c}}, 0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5b}) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x400000, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = perf_event_open(&(0x7f0000000180)={0x5, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x2000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x400, 0x0, 0xfffffffd, 0x0, 0x0, 0x6}, 0x0, 0x0, r8, 0x0) r9 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r8, 0x0) r10 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r10, r9, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f0000000280)=ANY=[@ANYRES16=r7, @ANYRES64=r10, @ANYBLOB="0c4e94c905be787b900ffbbf7dabfe0490ba05d85b4b2121363697012dba862e7fd04fd8b4d1fc48e4b56875ba9f3e7f3aad777a13706586071a44d7c6ed20fbe5164883f52da3de6f2080fc3e28153d73bdd7d5bd350cc6b13d8392e9e7958a956a8ce0e41c81da98cd701a522a0ee88b136c506e1bfda89d9d6d60649e764c58ac043fa5cb2dbd4c0e18168ec8c55b5127f6976a8e46e3d292b819687a67500dfc975ff16ac319f5"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000001f0000000000"]) [ 622.424029][ T7238] minix_free_inode: bit 1 already cleared 16:48:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x40800, 0x0) ioctl$SIOCAX25GETINFOOLD(r4, 0x89e9, &(0x7f0000000180)) r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r6 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/qat_adf_ctl\x00', 0x484402, 0x0) readahead(r6, 0x5d, 0x8) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r5, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r7, 0x800455d1, &(0x7f0000000000)) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f0006e3ffe2b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x2fc}}}, 0xf8}}, 0x0) 16:48:31 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x4800, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r3, 0x40045731, &(0x7f0000000040)=0xfffffffb) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f00000001c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0], 0x6, 0x7, 0x4}) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r4, @ANYRES64=r0], 0x28}, 0x1, 0x0, 0x0, 0x8004}, 0x0) [ 622.603229][T15732] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{}]}) [ 622.684099][T15732] attempt to access beyond end of device 16:48:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x300}}}, 0xf8}}, 0x0) [ 622.727140][T15732] loop5: rw=2049, want=6434, limit=52 16:48:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000140)='SMC_PNETID\x00') sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, r3, 0x2, 0x70bd2a, 0x25dfdbfc, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8841}, 0x4001) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(0xffffffffffffffff, 0xc008551c, &(0x7f0000000000)={0x52e, 0x18, [0x8, 0x2, 0x9, 0x8, 0x6, 0x3]}) [ 622.773884][T15732] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000180)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef76421ba48fd0d7217ae7fb53e05340f0db9a67a83f843fc850a0d429c4387d9d3f1c52f0c2181b0a5563f479f3b9c45c6ddb7db08d883d71f97b9cab83554fb072016f34"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_GET_MSRS(r4, 0xc008ae88, &(0x7f0000000000)={0x3, 0x0, [{}, {}, {}]}) 16:48:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{}]}) [ 622.845825][T15768] attempt to access beyond end of device [ 622.927705][T15768] loop5: rw=0, want=6434, limit=52 [ 622.947582][T15768] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:31 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x300}}, 0x18) 16:48:31 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x9, 0xa10e81) ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x18, 0x1409, 0x400, 0x70bd27, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x24008081) dup3(r4, r3, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r4, 0x5411, &(0x7f0000000180)) r5 = fcntl$dupfd(r1, 0x0, r1) getsockname$tipc(r5, &(0x7f0000000080), &(0x7f0000000100)=0x10) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r6, 0x703, 0x0, 0xfffffffc, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x4}]}, 0x1c}}, 0x4000) 16:48:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x43b}}}, 0xf8}}, 0x0) 16:48:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000000100)={0x8, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYRES64]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 623.039638][ T7238] minix_free_inode: bit 1 already cleared 16:48:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x900}}}, 0xf8}}, 0x0) [ 623.133017][T15806] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 623.185316][T15806] attempt to access beyond end of device 16:48:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100)='batadv\x00') sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010001000000000000000f0000000500300001000000060028000000000008003900d709000005002f000000000005002f000000000008000b000000000008003c000002000005002f00f0ffff0005002e000100000008000300", @ANYRES32=r7], 0x64}}, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(r4, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x60, r8, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7fff}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x55}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="d0d6c321501c"}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x16}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x802) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:31 executing program 4: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040)='batadv\x00') sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x3c, r0, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfffffff8}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x840}, 0xc0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r1) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) fstat(r3, &(0x7f0000000200)) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r8, 0x0, 0x487, &(0x7f0000000280), &(0x7f00000002c0)=0x30) r9 = open(&(0x7f0000000180)='./file0\x00', 0xd0001, 0x0) ioctl$HDIO_GETGEO(r9, 0x301, &(0x7f00000001c0)) sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, 0x0, 0x703, 0x70bd25, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) [ 623.238478][T15806] loop5: rw=2049, want=6434, limit=52 16:48:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=@known='trusted.overlay.redirect\x00', &(0x7f0000000140)='ppp1\x00', 0x5, 0x3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000180)=0x3, 0x2) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 623.306925][T15828] attempt to access beyond end of device 16:48:31 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x402}}, 0x18) 16:48:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xa00}}}, 0xf8}}, 0x0) [ 623.351325][T15828] loop5: rw=0, want=6434, limit=52 [ 623.386373][ T7238] minix_free_inode: bit 1 already cleared 16:48:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100)='batadv\x00') sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010001000000000000000f0000000500300001000000060028000000000008003900d709000005002f000000000005002f000000000008000b000000000008003c000002000005002f00f0ffff0005002e000100000008000300", @ANYRES32=r7], 0x64}}, 0x0) r9 = socket(0x1, 0x803, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) r11 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x75747}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc, 0x1, 'macvtap\x00'}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r10}]}, 0x3c}}, 0x0) sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r8, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xa8}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4000c0c4) 16:48:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x4a2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r3 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd) r4 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r3, r4}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'vmac64(aes)\x00'}}) r5 = request_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)=')[keyring-\x00', r4) add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, r5) 16:48:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xf00}}}, 0xf8}}, 0x0) [ 623.558068][T15859] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 623.614992][T15859] attempt to access beyond end of device 16:48:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x3b04}}}, 0xf8}}, 0x0) 16:48:32 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="030700000000000000000100000004000180100002800c000180a5beeb7e6b6a111e"], 0x28}}, 0x0) 16:48:32 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 623.718285][T15859] loop5: rw=2049, want=6434, limit=52 [ 623.756534][T15886] attempt to access beyond end of device [ 623.778067][T15886] loop5: rw=0, want=6434, limit=52 16:48:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x9, 0x2100) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) write$binfmt_misc(r0, &(0x7f0000000400)={'syz1', "f73ad18547fe9660ae2e417cd055a46625e450800b1bc07259e1"}, 0x1e) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000440), 0xc, &(0x7f00000007c0)={&(0x7f0000000480)={0x320, 0x1, 0x3, 0x500, 0x0, 0x0, {0xe5d2832d0b09c0d0, 0x0, 0x9}, [@NFQA_EXP={0x124, 0xf, 0x0, 0x1, [@CTA_EXPECT_HELP_NAME={0x8, 0x6, 'RAS\x00'}, @CTA_EXPECT_NAT={0x50, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x12}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, @CTA_EXPECT_HELP_NAME={0xa, 0x6, 'Q.931\x00'}, @CTA_EXPECT_NAT={0xa0, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @multicast2}}}]}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_TUPLE={0x6c, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @private1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_EXPECT_NAT_DIR={0x8}]}, @CTA_EXPECT_HELP_NAME={0x9, 0x6, 'syz1\x00'}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_FN={0x8, 0xb, 'sip\x00'}]}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffd, 0xfffffff8}}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x7f}, @NFQA_PAYLOAD={0xe6, 0xa, "4d263d7fd51fd979fcc4c91fd79221bb3a70a6f656f2571d9b107f4ec9680c1095b57523427c77d6988d770af41d746a8e183bf5376ae0ca956a5e7936013173c16ec7d950bc373748673166e430b6adef04956b5719a69106464d8ba69f4575f85a57f29ebb7a647e36b47d326ec5f428274f5161064045a016d0f251e9fdd4dc0d55d737e6b5f49e50e7129ed086c139137486e275f6e1ac9cfde71f5d337f3fdae650fb9b6b4b83dc8aa66be00ed7b28a95cafd511fba1a44654260229d93f87727aa481cc924536af1ec59beeecc5c5c1403213a9c3f052db5f201e78f8587f2"}, @NFQA_EXP={0x2c, 0xf, 0x0, 0x1, [@CTA_EXPECT_MASTER={0x20, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x30}}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x7fff}]}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffe, 0x1f}}, @NFQA_PAYLOAD={0xb4, 0xa, "d66952acb7f4b47095ed2a497b1c33f957d88b8531db20b962aec0a7a797cb65e3138e66f6a30257ecc0df5bd656b0bc37e5bf9939cddc172721d7123fe0aa0bb9c8188b1f05c62767ad2e088f87173f00d7f852d16e4ee85904e0f1505f76fe0455897c34208aa343ea55d95f53cb1f41593dde0ed008ed802a579e05c3394f40fd47f7a0a15fea5281b913a98c1415663c85cdb4b382878c96729bdba599041f097f8952718d54c3e2f6d179dfcd88"}]}, 0x320}, 0x1, 0x0, 0x0, 0x80}, 0x4) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f0000000180)={0x5, 0x8, 0x4, 0x1000000, 0x8, {r6, r7/1000+10000}, {0x5, 0x8, 0x9, 0x7, 0xff, 0x5, "8d578d29"}, 0xffff, 0x4, @fd, 0xc9d, 0x0, 0xffffffffffffffff}) ioctl$KVM_GET_VCPU_EVENTS(r8, 0x8040ae9f, &(0x7f00000003c0)) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r9 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r10 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r10, r9, 0x0) ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000000000008d0b00000000000097600000000000000c06a3092d8a65e40667865f82e7e21bcb455586d303b8479dc296f2244151ff0c420a986b7135b4eac252df168ad62b5ad17933755dacad4e30c69382f3ff23694d764484080d48a6b0a7366db259da1ab1074d7b67f56ddb49172836a8e34229217c61247022ced7188cb61dc7ef3f004c4b74e687b948cf76a5e7cc5110b94e48e06c3519116d9c8c76a73dd0ba5d4a53417dab975c6a041f33570d9e604c7c9e26a01ae623ea9211be4099ef3704dff8351233b0dc8c5455c4a1437d1bcf08cf5fb90aea45f7f87b7f85713b0aa6a9f155888619410f0dd2947ead0683a9cd937e9137b79121e4b7ad60394d38983be123502ce432e2102f8c"]) 16:48:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x6000}}}, 0xf8}}, 0x0) [ 623.807181][T15890] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 16:48:32 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x406}}, 0x18) 16:48:32 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r11, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r11, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:32 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000000)={0xbc, r3, 0x703, 0x0, 0x3, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x98, 0x2, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0xbc}}, 0x0) 16:48:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 623.907105][ T7238] minix_free_inode: bit 1 already cleared 16:48:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xfc02}}}, 0xf8}}, 0x0) 16:48:32 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000083040000000000000000000000003ddade10b8b031347945cf016f1f4ad20d551c5b212c8e3a3dec160432cb651246967ebac85faf82e67d2ef71a9da4894c3e30dbb43aada9b24042f56d9b42eeaf9dd34cade7450c6f4609e4332d7a7af6ca6781781b52d6726e079bbc34d6bceb0343baaac5f63474a5372130000efeff8202b2213bcea68da0b6f80cd7c1fc54fcee8d8c0114c5f20b5c2bd05546677437012e8ae21f4c14ecda7b7783416b7c533c155dcd7a8b80bc1dd16dfe61613ce5d1d230d9418a78bcdf28bba5367745d035670c2fba3a4a70fa9b3eb3fc4e05beaca7eb44d8a6c8c30897b0ecf3891ef84142a71fdc80a6bd021f4459beb63258ed1d7697e38fa334967d7908a4bce5d87af9da5a7e"]) 16:48:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000180)={0x1, 0x4, 0x4, 0x40000000, 0x2, {}, {0x1, 0x8, 0x0, 0x9, 0x4, 0x4c, "197dc626"}, 0x1, 0x1, @planes=&(0x7f0000000040)={0x5, 0xffffffe1, @fd, 0x6e96}, 0x9, 0x0, r0}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) munlockall() socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000060600000000000001000000000000009481a0b3ed01c5760c3e9f5938a31e98b0d20c402473b72729cf5959cbc5d71aaebff1e210eeb948e42c94b4071d3b3944ca8f655e18db7eab7c05a43897965bdba314341bf235132e47b96c249ad9a28949a3dd6b03eb"]) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) [ 624.098818][T15929] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r4, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x79, &(0x7f00000000c0)={r6}, 0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000140)={0x20, 0xfcdea811f48ef14, 0x6, 0x4, r6}, 0x10) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x260000, 0x0) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000000, 0x20010, r2, 0xdbcda000) ioctl$KVM_SET_CPUID(r8, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="ff7f00000000000078da6f93bbdbdbeb0000000000000000"]) set_mempolicy(0x1, &(0x7f0000000100)=0x5, 0x48c) 16:48:32 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0205647, &(0x7f0000000080)={0x9a0000, 0x9, 0xfffffffc, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x990a7b, 0x9c4c, [], @p_u8=&(0x7f0000000000)=0x9}}) fsconfig$FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f0000000100)='ethtool\x00', &(0x7f0000000140)="aedb090c4ce58c29def6688275f85083a41191aa1907ba9b9ef94f3ed3f6efb4097c21dba5682237e3737b45329e7a688b82dcfacce9d4f95c7632280efad0971a1f566095a000018a40d616b2d7b74fd9fbad1d895fee82a1db4856b861ee9180d4ed55d234315e9ef5d87a29cd323e357e", 0x72) [ 624.153221][T15929] attempt to access beyond end of device [ 624.164257][T15929] loop5: rw=2049, want=6434, limit=52 16:48:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x34000}}}, 0xf8}}, 0x0) [ 624.213521][T15938] attempt to access beyond end of device [ 624.250234][T15938] loop5: rw=0, want=6434, limit=52 16:48:32 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x500}}, 0x18) 16:48:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x400300}}}, 0xf8}}, 0x0) 16:48:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000240)=ANY=[@ANYBLOB="0300000006e4ff7e00060000e3b3dc69cfce0819ee0000010000000000000000000000ef99d8dd3965ff27eaf27210ecb642e8729b0dd480a5b5859744c28b1da407f3350552eddaf77ce05aed3a37c56a218b4d1e9edde9f924f277cb641abfba88c1aabcd9f7de0d0d41c2871ce532b16eed2c2b8c7a5c0cd2a60d0bbccc427a6ddfdaa42825673702fedc17131c3c5bd27790be2704003cc22b261b06fc4deffa8ffcee7ee808cca7f73d1ec79a7781675d1e84fd5d179d4cc968d48405f1b73a6bb2886d54d8e6eb075baaa2906189474912fc9d1c86a8ea2945d0e2c3dac4f53f82f81b884e1ee49471fb6e1360aad6e66b210dc38c87184a777090fa80f75ac1797963f6123092f49452333d938000f97b07aae11a99a20e11069f05a777b9d1cada0746ae6bf7b9251ea26e78eb6746edaecfbefd6e73dc6867228b619e5a2ab324d243df9d6c9d55894226f3a656957d6994b5844bd65aae78bae515"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 624.355017][ T7238] minix_free_inode: bit 1 already cleared 16:48:33 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = pidfd_getfd(0xffffffffffffffff, r4, 0x0) r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r4, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r7, 0x10, 0x0, @in6={0xa, 0x4e23, 0xfffffffd, @remote, 0x1f}}}, 0x90) write$RDMA_USER_CM_CMD_QUERY(r6, &(0x7f0000000640)={0x13, 0x10, 0xfa00, {0x0, r7, 0x2}}, 0x18) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r5, &(0x7f0000000040)={0x10, 0x30, 0xfa00, {&(0x7f0000000000), 0x3, {0xa, 0x4e24, 0xfffff800, @private0, 0x1}, r7}}, 0x38) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="03070000e900000000000100000004089e01000300"/34], 0x28}}, 0x0) 16:48:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r4, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r4, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x20}, 0x0, 0xa, r4, 0x0) r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r6, r5, 0x0) r7 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r8) syz_mount_image$xfs(&(0x7f0000000180)='xfs\x00', &(0x7f00000001c0)='./file0\x00', 0x6, 0x4, &(0x7f0000000500)=[{&(0x7f0000000280)="3bec9d0c92d085c62f9fdff04d9bda3bee2b0ae4db03b7378cda1de38fc33d52e2d9a638425565248c38e29e993915cc77b5a7c01427ef7bddf466c35539f2a42eac6106fcb6f8a20362dd667f76751dc3e064ed6bf68906f64950e7afe9870ab4180eabfbdd64b89e", 0x69, 0x7ff}, {&(0x7f0000000700)="41664faec50dd941bcc942b0c9c572b01c6b49b1f2426f10b2fbacd38a66c8a4ede926f83a85c3e4cf0b388debc16c0adc941ac977d64d916eeea3bb4429ff21b4912a5c6c44902ee10673c99681a9a8e738975dfc4b52f43b99a7cfbe676e9f7fb06d4428a572056deb5649d36dea385d0bb7c713f90500000000000000c075dd30f64d6a82045b5d19099614da855f65b827b38d0a7f95caffcab8dea9d081e95a336fc1bd557919c858d846132b79405925a3004171b762fec3943e1978e2ee94dbb947e71c0d038f90c86515781f643b80287ccfb062082e1f363fae671b5358aa9318e84d4db24048505d7ad20550dcb3d6dcda27b7588d8ac9ed26294db5cc7158", 0x104, 0xffffffffffffffff}, {&(0x7f0000000400)="816c1584695bf62184810a3a06dac15ea04c065fd8b6ceb82e72d13106f70ec7a84052275df773b6463538913eb9913de0954ddd6daf6a4e3e59f2fe76e6fd5bbfee552868fc975732f0612c7e0c66c64d9b0510b2bcddb776387b597977f7af1f54683e1ce775347c1d3d554857f7c7de3353eadddacbd06997dbcb0f7174da62d840649273829c318edfd0ada970d962ec0aaaec52fff2", 0x98, 0x80}, {&(0x7f00000004c0)="d6451fc57b2c3a043501f53c171e2278bc4113766548760f055ce437e17a006b3fd335b1539571f2229b6d51978bbc20b31969d527790d", 0x37, 0x3}], 0x200000, &(0x7f0000000300)={[{@usrquota='usrquota'}, {@barrier='barrier'}, {@norecovery='norecovery'}, {@noattr2='noattr2'}, {@discard='discard'}, {@gqnoenforce='gqnoenforce'}, {@gquota='gquota'}, {@prjquota='prjquota'}, {@nogrpid='nogrpid'}], [{@obj_user={'obj_user'}}, {@smackfshat={'smackfshat', 0x3d, 'obj_user'}}, {@fowner_eq={'fowner', 0x3d, r8}}]}) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file0\x00', r6}, 0x10) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x1000000}}}, 0xf8}}, 0x0) 16:48:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x2000000}}}, 0xf8}}, 0x0) [ 624.525608][T15984] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 624.549019][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 624.549027][ T27] audit: type=1800 audit(1591289313.160:1291): pid=15996 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16292 res=0 16:48:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x80, 0x110) symlinkat(&(0x7f0000000000)='./file0\x00', r3, &(0x7f0000000140)='./file0\x00') ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 624.594589][T15996] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 624.605507][T15998] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 16:48:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 624.645504][T15996] attempt to access beyond end of device [ 624.649900][T16004] xfs: Unknown parameter 'barrier' [ 624.685998][T15996] loop5: rw=2049, want=6434, limit=52 16:48:33 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r3 = dup3(r2, r1, 0x0) recvmsg$can_bcm(r3, &(0x7f0000000700)={&(0x7f0000000300)=@alg, 0x80, &(0x7f0000000840)=[{&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000000380)=""/47, 0x2f}, {&(0x7f00000003c0)=""/124, 0x7c}, {&(0x7f0000000480)=""/120, 0x78}, {&(0x7f0000000500)=""/116, 0x74}, {&(0x7f0000000580)=""/89, 0x59}, {&(0x7f0000000600)=""/226, 0xe2}, {&(0x7f00000007c0)=""/127, 0x7f}], 0x8, &(0x7f0000002200)=""/4096, 0x1000}, 0x21) getpeername$netrom(r2, &(0x7f0000000040)={{}, [@netrom, @netrom, @rose, @null, @default, @default, @null]}, &(0x7f0000000100)=0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r7, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) ioctl$UFFDIO_COPY(r5, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, 0x4000, 0x1}) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') sendmsg$L2TP_CMD_TUNNEL_CREATE(r8, &(0x7f0000000240)={0x0, 0xffffffff, &(0x7f0000000200)={&(0x7f0000001180)={0x5c, r9, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @mcast2={0xfc}}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}]}, 0x5c}}, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x1c, r9, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20801}, 0x40004) [ 624.731688][T16014] attempt to access beyond end of device [ 624.807520][T16014] loop5: rw=0, want=6434, limit=52 [ 624.837802][ T27] audit: type=1800 audit(1591289313.450:1292): pid=16014 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:33 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x600}}, 0x18) 16:48:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x3000000}}}, 0xf8}}, 0x0) 16:48:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) sendmsg$nl_netfilter(r3, &(0x7f00000012c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001280)={&(0x7f0000000100)={0x1174, 0xd, 0x2, 0x201, 0x70bd2c, 0x25dfdbfb, {0x2, 0x0, 0x8}, [@generic="7335c417253d2665a7717f4a7d074cd8d185c259f1aaed88effe072a2dcaaedad3b687607352893dbeef0ecbcd95a993e771855bc8ea7ddcbaf850b87ad7296d907351fd423fa92b59596214444b6e0c4ed3dda7c59ae9d005935a655789f92d66e6236d9fbb7ba02f0c5ef6fbfa9f42", @nested={0x1023, 0x75, 0x0, 0x1, [@generic="701b626f8d8e8ea7cf76aadcf2b9389cabb563", @typed={0x8, 0x35, 0x0, 0x0, @u32=0x1}, @typed={0x1004, 0x1f, 0x0, 0x0, @binary="6eb4d1942c216045c0fd63e98db0e47a1af316e74d813abfa7e772ccf6a9b05be4660d1d044e3fb0d6e9c22d1568a0e7189f273d365c222cfbed83b8469243ac86ee45f309cee96c1f0af2c700d6198c214c18ccdf2943e917b9b760ce7a8f0730aa44020fa9a0563c2a8609cb1a18bc9f3eafb790892973a1349af346940cac6ff8dacb4eeb923eb1b7ed12f3a2bfea1e58c59528c61a9955cf05ee9140c145606a634fbde5aae9f55aed3eb1e4ad6a465503e0bf01231cae9239d1f5d205c10da0f7eea71c9365f12d4ba27755712172dfa7b5b811e63bf23c46a0f952226ccdbd87e20aad1328a7ed8ae8d0377a9d6e557922bfad3eb5389a46862a0e4a4d979cec799d77fa9349d6834744906a9e11830f0286b5a2ff4e0cd2241a2bb24f36556b8b0dc063baaba42e774ecb48166772dc7b969f0be310e12b556a9d3fbc8059c432e169ad7131187d61363fd8de648ffb4ea74caab1f62ec70df97622d3a7bf97138b924d9a0497d609c40bdf28781ff2083968a4ca703d0641ee61becb6cba0af5d1e3b344abc24f63b665cf9d97ccc531317764e1d87436977e3a754c9f50cd3090daf24f1602df89e7db4131b9962f7b74fa0b0f9066da37bcb930863ccc175cd169eeab0cad9a64febf80e094c3285861f9a6d023e03c166f0dfe0508e364037da28fc3f5eb8dff1bd07c90fc400e85244a563f8101509e2d1ba586ec423320e75a960fbbccf4abddb30877b47ec05a1959f29bc3553479433e30ac391e7391867dd881312b74e474cf3f226b99c5f81a9b683230568121318668f3cccb1345c5c678e78e774769c35216df026b505bfe90788d242c77a8a9b31146933624277007926bae5a1754bedef03dc6bda7e594c552f5827664cdb37567c38e863df75778187bb3336b1ba98f48d76a94f84152f40faf322e7b95f6fa11568bddc0ceff1be484ecca3c366e97c79799b81cac59d4c40909cd63ad0376e372dcfe983f241451483a176fa552d575cfc4eb84a8e6fbdd90e0a6a0e0f80b6bf0d86f8f7743f438578811f32fb92ff71d5dcd798cca983be492fada1e3fdc16ddfb608fcb6ace334b996e400182da85ecdbf022f2220b7645a1f59ee97ee3751518ac6c6776acbee3c90ef8acceb55fa28be1d32ba26db8cbbe77cc6d37973c0ce0f37bcfa52dc31020ba3f5258ac24d64945eed3f3047cb181d5fd71780da0ad7beee4eed2f823c164a774bb39135223caa239aadd1206e177817e317f702d27933149b4a5f880fd99b1eeb299fb8bce356b01d397625c285cdf88d6b9e94bc8302fc7d9aa006640c7af90b1d4ced976e6872c671baacddbb3b3d836ac916a6e5630cba83ea76ec8a0e0d727b9e29e5b91ce07d2a7c9dfc28640585e0710a0e28acfe1568b9a4088532f0a5745c8a903bc9da1c1eea8d510ccbea971692e7c966d2afe0a67bce752e77183c1fa810ed0732adb04c576dec4b274a6fcbbb361c1b8f34cf45c10b782f23b599ca8ffc40ad94004cd611c7de2c4052568b9cdba6786f0e451ce3231aeb74b77e83eb327384cee78a019fc6c451170586c6dfe3210187c66d52d8a13387d7681db258185552b3c48fe47c594e6169821b7fa69c08b413d34c028b694370ceb65f301be9399c0582a634f0e2ab0541ad3203801ef589a49b1c79a0f4aeb9fa3484b29cfc84e34818bc569228e8a6d3f583965e6156cac0aaf9c6ead167b35ca0896149cce312cfd15606d909cf13f04ad8a9c20a62de2cec65f4bbf4493f5f15c02ed4fe80b768210344a9a4972b7cec50052571e35e17c6ca1ddd32dc2db08f4180930c6154f8ad758de2cc6f01f4b1f8737ddf3eace0c6aff1817bf18db211af8d1308325ad3d9b33ef39a09829931b51a814ef9c7969b748c1997405f3b734de97b0ea1735ff7daee90a16c3a8916ab6c455912399dcb9e36f4d4806b45272db47f3eb0e003b6f88e1a4cfb52d1b5fffbf9a979d0298a3bfab05a85df40f45f06c5a0c4b6c1569d72de18152afd9589c8b3dcb738d3c27d091131e4b6b936c2ccc5cd7399e881da4cb17c0cbc09d15c159ca7d443d196f5ebd8ce3f232e1fb924cb709df0fe5b58caf758e8dfcb4fc870642c3626376b1bb58ee8e35a22db7468628efdc98e4a25dc2a8e8a0727ec715eb3918183a3d5cbb34b0db112247809acf2bcd04bc0ee4884caaaee076b33ea1a9739e1c461a3215ff4df467d0f672d969d63985b9d5de11c8f8d945593480210972120df58e9326cd2fc2f4c734ea61195118ab3a1b2aa6f197aa40c39c299e0d144758423309e56bd15cfd352c536438d325044d74e07f5a4d11fa7a5a4f2d8fa8b5a4014d2fcb999927c2f087b808ff83a471dd076505dc28e86c621977ffbd27c1923c516637095e8f399e27c29750b276176105dc41ccfe5930bcc4ffda2bff6defb5045e4b2edf503e4242793b43de1fa9808617b6235273fa8b5498f5fc0c424b1d43a5dd4244ad9b7862a8fe4699db84ba8dda00c9839fe250754eef477580892549ab3d6c0c938844bbcaf0e5b3874c99c502c5ddc23b48507a81e580e498790f6cab52366225e4ab7e4a533e78a4cb195c7ba0a69b3e346c7e810ffa0f031b547f352ad10d8ccf36b5366d70f17d898f05c2ddc116a279c28d343db83887f928a7bc08791e5a8649b8b532ced32997e2198be81131c27c4855b38a412bbef311b874f9971966ed1c9553215e12ce63e19c811e053a3151550cd8611dee201eda954f279e502ddb2497f80fb0a83ff792b9004f411f2237ca08dd87ece1d60ff41be94c8f14040d822ea046ce160d6d2a258d3feffd947e59a14138d6da7c22412445c2bccbaf680ad045054f0858af60861ad3bec4975c75d1fe333b110c69c1e25d6b14e7cf0a75bda21a4b1faf1e1242ed77542dd85425597c23ba63f7c4660824c052c1b46e294b0dcd9c8ac3a85fc4f85ac8c5f02299a806509502da0741cb17d38e34d0e16223c50838e9eb9bfff6ddf7d2b9adfe4dfdcb21a6890ab8c6ebc0f68e9d27c4c143270369853c43070c2f08b227fed03a87595ea66df06fb1142f8a3505989373bb2e1c607bb078c9efca3cf1705ebf219cb65d93711fc3f174c24e4ec72ef885406df2b2359a5a39053b40bf4990f1784d350523f800812b9c9e6c219d1d58641d6c165a11e62383d49b4499a00f7f68d15c2fee84bb0ebb5af026d817bf850512aa41bc7b4b5929a72921eba438128281d0022d119a9500c6bd23324dfd358337694ee6b2296e6e9e2329696d178bcf7497cd19b80f6423708d1c56a56b1a969f95c002da0c774b7dbf4712c6bc3fc3c24009dadfd5e1eb05a23b9f7561688441a64dea718695951bcbe1562e162056b0120d7eb97311e5ab3449036642f1ba18eeb1d52ed6a47ec9b19eb9c9e5783f4228a7e701ff4bafb25f666ad80ca94f84db97d74b3909cc2cb5d526733a0511f4cb282c649605f7fe1a9b497e4095755809274e11faafc8b4528465f041f186ba7d262a3a2fc302f60db45e1acfdaa92d8004d94c8fe39bb784b09de31966ad17a8ae411905f7dcf8cd325d008e2b14bbf2bb41bce79caa3c78f56109681591de73c82fdc9926ee78cfc77219805ca97a9080ab6c092c4e0116fe435585c83d61bf5530bcc11e8958eab23e6e7a9aba6fbb66e327263a89b1b07d19eb23c5bcd8d76b9a7efc4e9c90407b13c22ec61008c89011338f356706d8610036d2d73a8374e25ff6da4777f287e0c926398cddf9cb5e2c2dd88554d3228977dbba674b373ca814ccf23cada28a04606d380fc34c10c532aba95f10a80d272b5afba55155d47099b2537ad4e3004409f6549c28d7fc041218ff96fcd4f6ec55f77c8d924079b0b059cac19b89abe0218db50334adbde6ac677d37d031fec0dc5deb0961038c2672c9bc41f8ca42b9b636768c22dc340929f291cfe7a635bfa3bcbfafc8cb18862c6080d9116d8bc7bd8f02ee55ffd126fdca36d32b29b98f11020af9a9df80b378abee34c8ed6d379c60ade9e6aa78196716e045f2259c84534eeee26b169eaaea9f35e2947ad88894d97028d7671993e6e6d825f5c5b22b204bd4b048e00bf5a2abc890fb242a0baffe6b550ea4d25b94886549e69a1cf04de1b1080175c6e5173b92fcf5e1ef792ee3f65106e0f73e8220443eb96ce99dca1cadfbd20456eba4078d9564b2e4ac9c8cc37fe6f8a2bfe12047e896a0c557722017ab4c3ae47abd8529e541301ef95297e936a580f24fde87fe488a4c2764aa0705f5455c55a5e8abb32dea2f976999e8073a8e3d9b6472abd3896ead9f682df03b8881ed05606dc0f888ce01417f3ee3513407d1f26797270f488d63f2f0b8fe8089a8d325fc602d8e38ca39de18a9e0dcb4262ae45900088f89eb4d9e0b1ab6c75b018e59b9336d0dbc3dc057fa84e17a039e5ed1df67d13be01e0d703992fdee01074b2f49707f0cc79ec58d2444a0a77e2ad860b662abd8179111236d6034c6a9b7cdfa021756a6efa1d04d5b5fc87b6b77bcdba90c3e751bada55f096451a8b22ade4b91bd7f6fe1cffae8fc5ff8e3bd039b94671f333cf49c3c13e5e36e63fe025bda01b5bb68bfda1d818e7dabadf5a4179910a8960b7db864b996d50dff346de229061cd1c3abeb155088d2e216c84256218751920ac3d6f856c3c4948d589063ad3417c526a76c6ef1a95e828c645f7ef217786d57f45dc4ed9776ba71e4758181a3c161e8abd13844137d6e01b53665bad163de645e6ac8f9ba7594ea3eb8b3505723bd4987532d0754429043e938359783acc43cf4627380fbb6439142ceb7e4fe40e7aa4d4ea9d42dc995eb4401d8712c14a75337f058549e274e99515eab8cd96250dfa105ff49c0ce0e1ead542fe76118f79c99143e54a1a94dabe6821666c64841200996862ef4e2d47a80194372317795a565a68125084833a82b9d0e903613e8c33819c648c2e34ec472a3d5b76e8a1b054e5af70dce6f2eb3ae6b6afcb04b3a92015fa7dde779cb5e06146420ac27600f7d18d5b21aa47fdde9cd9842c68fde276f76baa4f34f8814745033228e555faebc4832c663ca762ed99f43f9b09da25298247cbe3f2f5ff1176567d0602abfaa73f7f99dee1a836347118c0ba27d170b4e8d023292a27ccf787b5318c303f646b734f39634447e19c5d73d960543a44d0bf6a4f2bedf08789814c01f7b25502f38b1409a8d2c4a1f931726d4d15aa2e01d71cf70fe7f0403c07b43048de1f1d9cbeea30a637796691f3bade91acf26b4da5a6c38d88223504a4453f6cd9884213f1607bfc1f1d1d681cb488de2b1845d442a34a669a8f0b2d304fec5f3e2ebff554a3d34a8f7aaf77c409dd7cec4310aa61fa7526d97eb9a2b6a461409eec1563fa7beb04139227e89e460f6de2c9641de7700d21113883de18462ff61f9cbd2c4ac899f8761b38717d02b35d84abd1e88d9c9c0430f776bd2f13854a146a81f0bfcdd12934d2e945ff98e6eec31ee6a968848816fd0314ca59e33145d3488dae246e4c5f6272fd55fdb29882f882a9eb326269cf5b6d1e27843c9540f729b99aacfe33c687950ecee1a9663e0dd0efb0170f55318fb2eff56f9d1f838afbe014ae66a89e6936943bb74cc9a274a2b782df9f5f74cf4ba7fa255d33096df0b1b174dda67ef1c13661e01295236b543d26fe9eb348957dd15d75a3d75a18905bc4d9c7fd2ceb84242107e91d82743c18d055493fd03b616574cac28fef0c660cb1ee57349fcba42d21c42d10d5d4a0fcbec"}]}, @generic="57926e74d1fbe8609d081a45bcb4dbf015991249bd04ec8af44c83d626252aec8799bff34f0c7880e7983072c325d63deee9a0dbd8aa7fb3dac58b5fab35a8c41a3b954d406c836b3a6326efae1a193ee0faa33b5cf7519debd8157f3ba42692feb7dd8e36e6e6e5ec89676be5aa81bc3d7af2b1c533bd278d236bc86a675156eaf68ea08881f3fb0de46e9b5e7511e20574754fbb0c8e4d19fd2b6362e2bf0f8c8f9e1e91e3ad208f2a3ccb0d7f56dfebd9743b2c1711bb3f9947f795ac7adf21a47787e57b83b0837861d3"]}, 0x1174}, 0x1, 0x0, 0x0, 0x200008d1}, 0x880) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:33 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ocfs2_control\x00', 0x80103, 0x0) ioctl$RTC_EPOCH_READ(r3, 0x8008700d, &(0x7f0000000100)) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:33 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) fanotify_mark(r3, 0x96, 0x40000013, r1, &(0x7f0000000180)='./file0\x00') ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r4 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r4, 0x0) r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r4, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_INITMSG(r8, 0x84, 0x2, &(0x7f0000000080), &(0x7f0000000100)=0x8) dup3(r6, r5, 0x0) ioctl$EVIOCGUNIQ(r6, 0x80404508, &(0x7f0000000000)=""/65) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r9, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000202", @ANYRES16=r10, @ANYBLOB="0307f19d03a15700000001000000040001801000a2dbaffd0120051eab0173e6226ff60758018f540ce4c1fff00f0daeb83ee6715a060000000000000a3bef536ab506ddd923915db34b3bebeba7032d95cf6df0fa7916d17f0e884692fd261bd69221b5a90ced8e3e134f5698bce4bb4bb0efae19361e29047faaa2e3d77b62533cc4c0f5ab6d0a9e41d514867afe74f533300fd68ed98e9a3d6a2a04801b252eefd5ded4dcad4f53fedd95cb4fc04a4545a75a09e2c37a4ea8c66afde49816950afeef23800fd1002bf76612533e44449e5d6ab53c97c1582b341f3802613a77c0df9e9f0f9c3d236cb2539ec404670fc63a6ae922073920bb0274e5"], 0x28}}, 0x0) [ 624.918468][ T7238] minix_free_inode: bit 1 already cleared 16:48:33 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x4000000}}}, 0xf8}}, 0x0) [ 625.027823][ T27] audit: type=1800 audit(1591289313.640:1293): pid=16051 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16292 res=0 16:48:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYRES16=r0]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000100)={0x6, 0x0, [{0x8b6}, {0x9eb, 0x0, 0x200000}, {0x3a5, 0x0, 0xd38}, {0x2c4, 0x0, 0x52}, {0x818, 0x0, 0xffffffffffffff66}, {0xa2e, 0x0, 0x1}]}) [ 625.088044][T16055] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:33 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:33 executing program 2: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mice\x00', 0x252880) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r0, 0xc0984124, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) write$P9_RLOPEN(r5, &(0x7f00000001c0)={0x18, 0xd, 0x2, {{0x10, 0x3, 0x7}, 0x8}}, 0x18) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x269, 0x0, 0x9}]}) 16:48:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x9000000}}}, 0xf8}}, 0x0) [ 625.156586][T16051] attempt to access beyond end of device [ 625.175704][T16051] loop5: rw=2049, want=6434, limit=52 [ 625.219617][T16055] attempt to access beyond end of device [ 625.225841][T16055] loop5: rw=0, want=6434, limit=52 [ 625.259470][ T27] audit: type=1800 audit(1591289313.870:1294): pid=16055 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:33 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xa000000}}}, 0xf8}}, 0x0) 16:48:33 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x604}}, 0x18) 16:48:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x2082, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$EVIOCGKEYCODE(r6, 0x80084504, &(0x7f0000000100)=""/50) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r4, 0x40045731, &(0x7f0000000000)=0x8001) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000200)=ANY=[@ANYBLOB="010000e22524fb008204000000000000000000000000000004e930834ff0e404023e4dfa3a1e7f75ad7d3227da1d50544ac455b8dad89ffcb643bf4b5cfacb1d57b468ab07ed5a1ce83faf0a55b79b5a20677054f5fdb7de0170bce2f9a52b1e98b9c19dd29bcda4d6afd9f38919da514d2676a9497c3b6fe2a36d8e0f05da1190a4bfd04c6c60506b34d89d60e9cf17"]) 16:48:34 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x101, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000140)={&(0x7f0000ff3000/0xa000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff2000/0x3000)=nil, &(0x7f0000ff6000/0x2000)=nil, &(0x7f0000000000)="fad704a8494ca9bbf013206ab0f3c3c6eb052c01a84337d801c6c3b3624d883bfd80836ca10c01486daee3a6a2880cf97dd0b1aaa2855c5f07c727883a6559156b2399008663a7507603fece7fd237c5a802a7fc89bbb3c211ac257304449fc0f44e74951e5d07f5bbc0edabb0d86138bec8fe8fffd87419ab3b8bfaabe073912992a8acdbfe50b6", 0x88, r2}, 0x68) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r4, 0x10, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) [ 625.356290][ T7238] minix_free_inode: bit 1 already cleared 16:48:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="03000000000000ff00f4e6928ab5b59f57bbe4c2a7b74940000000000600007f00060000e3b3dc69cfce0819ee0000018a10630000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:34 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xf000000}}}, 0xf8}}, 0x0) 16:48:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x0, 0x8000) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000082040000002000000000000000000000f59cae89ba10022be50dba5ba90099b9e5b8fbced6dfee14938457ec17dcd927d7c27b9c22a2bd64014f746ff123dc289dac3c10dfb0a08f0a34ded9382e74ccb724208944aeff77879062e06543666100528d30f36ed3c96752ee089395fad63f735452e3fb3cc0384ed4ed73586d8dc9827b0e617e7330f52f4c6949f4e6a15185e2336f16661618d6313f8a97a4794ccd49745c55ba443133bd1e2d289ee830227f2f3616704ff6ddd7025a7ba50b514e14b30f65e33b0af805f50d3d5d7d945aa476dd380a4396f67fd14b72928910910f68ce09699f4c300b062941d2d56d7334a44b709ea75397bc998ce14dc21caf2b0c54f9d6cea3f9b271fa4d85ba5509b44d6da41cf053"]) [ 625.470852][ T27] audit: type=1800 audit(1591289314.090:1295): pid=16113 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15862 res=0 [ 625.521403][T16113] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 625.572740][T16113] attempt to access beyond end of device [ 625.598182][T16113] loop5: rw=2049, want=6434, limit=52 16:48:34 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x700}}, 0x18) [ 625.629671][T16119] attempt to access beyond end of device [ 625.635448][T16119] loop5: rw=0, want=6434, limit=52 [ 625.649284][ T27] audit: type=1800 audit(1591289314.270:1296): pid=16119 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 [ 625.709175][ T7238] minix_free_inode: bit 1 already cleared 16:48:34 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:34 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) fcntl$getownex(r5, 0x10, &(0x7f0000000080)={0x0, 0x0}) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, r6, 0x0, r2, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r7, 0xc008240a, &(0x7f0000000000)={0xa, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r9, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r10, 0x8, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) [ 625.856029][ T27] audit: type=1800 audit(1591289314.470:1297): pid=16150 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15755 res=0 16:48:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) ioctl$VIDIOC_EXPBUF(r5, 0xc0405610, &(0x7f0000000000)={0x3, 0x2, 0x4, 0x4000}) 16:48:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x3b040000}}}, 0xf8}}, 0x0) [ 625.905051][T16156] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:34 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x6, 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a4, 0x800}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc33cfce0819ee5af9fe1baefdc3f9b4e6a9ac0000019cea268b5adeeeadedbff53c80022b58c0b13adcd883d154f1bc1a0d7fac546db352029e84d3f46a1985e65752c9df720b6386742de2d8b4d719da5001813e871dcec34801a65e6260d583522cd81d4070169d67716c240be830d055b6b966eaa3267510c45e41d7cd840347292057f8e9e167607c5349e8578ec1d994302854d83142b83302ec31801093f9152ccb79440bfc3c958a0792f5c72ee4f0527f33d9a82694eca34d354afab4ecf439ce7ed45fe29eaf47577db01a24e7a0afbc3da8c278a09f9cc963fa776a2fdb8a3b440000000000", @ANYRESHEX=r5]) ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCMSET(r2, 0x5418, &(0x7f0000000100)=0x7) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x60000000}}}, 0xf8}}, 0x0) 16:48:34 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x900}}, 0x18) 16:48:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 626.097568][ T7238] minix_free_inode: bit 1 already cleared 16:48:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x9effffff}}}, 0xf8}}, 0x0) 16:48:34 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_sctp(0xa, 0x1, 0x84) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}}, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xa8, r5, 0x300, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x81}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x800}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private2}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}]}, 0xa8}, 0x1, 0x0, 0x0, 0x240040c0}, 0x20004000) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) [ 626.193338][ T27] audit: type=1800 audit(1591289314.810:1298): pid=16195 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15826 res=0 [ 626.236763][T16195] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 626.247635][T16195] attempt to access beyond end of device [ 626.254841][T16195] loop5: rw=2049, want=6434, limit=52 [ 626.260688][T16195] buffer_io_error: 12 callbacks suppressed [ 626.260697][T16195] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r10 = dup2(r9, r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="adc41bf57b2192b8263c0000001000050700e5daad84ef000000004e1f06abd1b4b9000000000000000000000046c62d69bbdf3af87b11ec1473b500f146bbbb45f5b495fc634c8922a517e329c7505c6c5bfe3faa4ebbec85d4bd93475fc008974b08e0857cd25d239d95a56c27f2f0c79fbfaf0fdeba9b76dc443f4669c15f5be5859fd25cd93c8ae30483", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062726964676500000400028008000a00", @ANYRES32=r8], 0x3c}}, 0x0) r11 = socket(0x1000000010, 0x80003, 0x0) sendmmsg$alg(r11, &(0x7f0000000100), 0x492492492492711, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) 16:48:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000680007f00060000e3b3dc69ff03000000000000000000000000000019fb1d62"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000340)=ANY=[@ANYBLOB="01000000000000008304000000000000000000000000ff00dbc1224976"]) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000380)) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000000)={0x800}) io_destroy(0x0) r4 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r4, 0x0) r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r4, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') sendmsg$IPVS_CMD_DEL_DEST(r6, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc000000", @ANYRES16=0x0, @ANYBLOB="00012bbd7000fbdbdf250700000074000380060007004e22000005000800050000001400020067656e6576653000000000000020000014000600ff010000000000ff0000000000000001140002006e72300000000000000800000000000006000400000000001400060020010000000003000000000002000002060007004e2400001800038014000200626f6e645f736c6176655f310000000008000600040000001400018008000500000000000800050003000000080006000104000014000280060002004e200000080003000000000008000600fdffffff1c000380080003000300000005000800010000000800010001000000"], 0xfc}, 0x1, 0x0, 0x0, 0x98}, 0x8800) dup3(r6, r5, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000180)={0x7, 0x0, [{0xb26, 0x0, 0x9}, {0x34a, 0x0, 0x3}, {0x227, 0x0, 0x6}, {0x227, 0x0, 0x9}, {0x8c2, 0x0, 0x10000}, {0x85b, 0x0, 0x2}, {0x97b, 0x0, 0x3}]}) fcntl$getownex(r5, 0x10, &(0x7f0000000100)) [ 626.287119][T16203] attempt to access beyond end of device [ 626.301635][T16203] loop5: rw=0, want=6434, limit=52 16:48:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 626.329635][T16203] Buffer I/O error on dev loop5, logical block 3216, async page read [ 626.354920][T16208] netlink: 'syz-executor.1': attribute type 1 has an invalid length. 16:48:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xefffffff}}}, 0xf8}}, 0x0) 16:48:35 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 626.410342][ T27] audit: type=1800 audit(1591289315.030:1299): pid=16203 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:35 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xa00}}, 0x18) 16:48:35 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000000)={0x38, r3, 0x300, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x38}}, 0x0) [ 626.469955][ T7238] minix_free_inode: bit 1 already cleared [ 626.501590][T16259] netlink: 'syz-executor.1': attribute type 1 has an invalid length. 16:48:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xf0ffffff}}}, 0xf8}}, 0x0) 16:48:35 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:35 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_open_dev$swradio(&(0x7f0000000100)='/dev/swradio#\x00', 0x0, 0x2) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000200)='.$\xe0em0lomd5sum\x00', 0x0, r3) ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000140)={0x7, 0xa, 0x4, 0x400000, 0x3b3, {0x0, 0xea60}, {0x1, 0x0, 0x0, 0x40, 0x3f, 0x81, "b8ebea15"}, 0x3, 0x2, @fd, 0x1, 0x0, 0xffffffffffffffff}) write$cgroup_subtree(r4, &(0x7f0000000240)=ANY=[@ANYBLOB="2bb6369654f7edba05e9398ddd7069647320"], 0x6) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r7 = fcntl$dupfd(r6, 0x406, r6) shutdown(r1, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r7, 0xc0884123, &(0x7f0000000000)={0x2, "a8cf89d941f40a53d596eaa51dbbc24865a2728c14a85a322036528be20d11847455e8319ddda3e032b07299b785cfdc8e6a21758dda774a78d9c52e511f88b1", {0xfff, 0x5}}) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r5, 0x703, 0x70bd2d, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) [ 626.646896][ T27] audit: type=1800 audit(1591289315.260:1300): pid=16277 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15754 res=0 [ 626.675310][T16277] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendmsg$NFNL_MSG_ACCT_DEL(r4, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x74, 0x3, 0x7, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FILTER={0x3c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1e}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xfff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x6}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x10000}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x5}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xa37a}]}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x74}}, 0x800) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x480980, 0x0) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_LINK_STATS(r5, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, r6, 0x4, 0x70bd2b, 0x25dfdbfb, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x58000) 16:48:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xfc020000}}}, 0xf8}}, 0x0) [ 626.747676][T16277] attempt to access beyond end of device [ 626.815627][T16277] loop5: rw=2049, want=6434, limit=52 16:48:35 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 626.862601][T16277] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 626.922999][T16309] attempt to access beyond end of device [ 626.947612][T16309] loop5: rw=0, want=6434, limit=52 16:48:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="0300000044e43af409fc75368d814a000000ff00000000000600007f00060000e3b3dc69cfce0819ee000000000000e4e4028600000000000000000000efe9bd5a2f81127d2899157df796257206b81fadd7432394d1568a06bb2a5ad2f73c35a0223c07f941a97faa408c99ac5887f3ac481a409e8e306b88811772cb6f8c268b395e203b08202b95b49017ee0fb6d6000d288a0eb0a82444bc3c81813d3278b6adb9fa8d3884d5ad89fe6769bca6468626707bb2838b301f32bd9e66ed627a4ed71cc69161e7bd85b6071237664fc91b4fb666cc5cca4d0b181d3b57d057759cbffe48efc49d0684176ddb323fd5492711923f8ada40fade69cb728e62e7acf0d6a801114ffbb9782c03bb676ce0a795771653947a2c769750db40f878"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, &(0x7f00000000c0), &(0x7f0000000100)=0xc) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:35 executing program 1: r0 = creat(&(0x7f0000000180)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0) r2 = dup2(r1, r0) mount$fuse(0x0, &(0x7f0000000640)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x0, &(0x7f0000000280)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[], [{@smackfshat={'smackfshat', 0x3d, 'ppp1'}}, {@smackfsroot={'smackfsroot', 0x3d, 'fuse\x00'}}]}}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) rt_sigprocmask(0x0, &(0x7f00000001c0)={[0x100000001]}, 0x0, 0x8) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) syz_init_net_socket$ax25(0x3, 0x3, 0x7) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r8, 0x40184150, &(0x7f0000000100)={0x0, &(0x7f0000000000)="cb43debdf2373bad5b2268e4cdced37bec33e4b3de", 0x15}) 16:48:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xffff0000}}}, 0xf8}}, 0x0) 16:48:35 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x400}, 0x0, 0x0, r1, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0)='nl80211\x00') sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r6, 0x1}, 0x14}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r5, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, r6, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_MAC={0xa, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}, 0x20}, 0x1, 0x0, 0x0, 0x2}, 0x4000810) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r7, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) r8 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ocfs2_control\x00', 0x14402, 0x0) r9 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats\x00') dup3(r10, r9, 0x0) ioctl$PPPIOCSCOMPRESS(r10, 0x4010744d) fcntl$getown(r8, 0x9) [ 626.979054][T16309] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:35 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xb00}}, 0x18) 16:48:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 627.071675][ T7238] minix_free_inode: bit 1 already cleared 16:48:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xffffff7f}}}, 0xf8}}, 0x0) 16:48:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000830400000000000000000000000000001b69c4eaa67e433b0f406cfc7e072f5e5bb4ce427d2084701d14faf69bbd753151f9564f8421f9a26208eec37469a6d137506fd76ecd9f16eb7157d027ff2fb7b788ca911d11caf3d4376104df0f60a7712308a4578c7d5f4707"]) 16:48:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xffffff9e}}}, 0xf8}}, 0x0) [ 627.242501][T16346] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 627.263908][T16346] attempt to access beyond end of device [ 627.275429][T16346] loop5: rw=2049, want=6434, limit=52 [ 627.283060][T16346] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:35 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xc00}}, 0x18) [ 627.372971][ T7238] minix_free_inode: bit 1 already cleared 16:48:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r1) r2 = dup(r1) read$fb(0xffffffffffffffff, &(0x7f0000000100)=""/223, 0xdf) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="000000e8ffffff00a8000000000000000000"]) 16:48:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xffffffef}}}, 0xf8}}, 0x0) 16:48:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000036141ca0000000ed05000011af8396a5d3d58f8977ee74f3006e554e671991ba72280000000000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000008304002000"/24]) 16:48:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000082040000000000000000000000004bb3"]) [ 627.577527][T16385] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 627.630856][T16385] attempt to access beyond end of device [ 627.641074][T16385] loop5: rw=2049, want=6434, limit=52 [ 627.648418][T16385] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 627.663683][T16406] attempt to access beyond end of device [ 627.673981][T16406] loop5: rw=0, want=6434, limit=52 16:48:36 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xd00}}, 0x18) [ 627.679520][T16406] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0xfffffff0}}}, 0xf8}}, 0x0) 16:48:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100000000000000cd7cb8a16700000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f02060000e36694cbb6bb7dd0ca0000010000000000000000000000ef"]) ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x45) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) setsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000000)={0x0, 0xb6, 0x10, 0xa9, 0x0, 0x4}, 0x14) [ 627.740661][ T7238] minix_free_inode: bit 1 already cleared 16:48:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 627.900630][T16437] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 627.922100][T16437] attempt to access beyond end of device [ 627.934755][T16437] loop5: rw=2049, want=6434, limit=52 16:48:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0xc0a40, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$VT_ACTIVATE(r7, 0x5606, 0x4) accept$inet6(r5, &(0x7f0000002180)={0xa, 0x0, 0x0, @dev}, &(0x7f00000021c0)=0x1c) ioctl$KVM_SET_NESTED_STATE(r5, 0x4080aebf, &(0x7f0000000100)={{0x0, 0x0, 0x80, {0x3000, 0x6000, 0x1}}, "e3d626055d6a8867d2f844169a1af081e978140efca9f2d974ebbd0b9548a4a3f8cb4026d0d634d149b7dc5071d296a4e104cb95b872a01e562f3a82feb578f5042ed6bf652688b6e724a80d4b305176919bad6f48aae7b4a1d95524a6092b85c393692b21611a2e2382c02672572a22e46a0973dbaf7c0c52102f1540a1054fdf9ebfad81ad59bfc4defb31105e66c63aeb3401df9b1cbfbb9cd558651f0d68c11ca56503aeb5d59cddd96f0ecea01cdd1210fcbe02094dd22da8ddae51da3cd1d8a9a1d467ba25b314fa8d135b1412a4c72bc8ab231284184f2f9c35fa136f18a418237dc1f2bd47ca2e019827fd1b1030b6bd009a0eb57a53ded9af45ddc55f4d40a072eefe0c755910da799ea9fd494b6e3bd6382aed34bf5faf55ce1519c4fec53809cc5dd80385f31e177522506bb7a0d72ff3aa42903f99ff86298ad344915397b1cf66f2782fd7998159f5e00d1dbed28b9d1666b7a6855e146855048205c4adaea4cf4e3cf0c90ee4b36c777b5516d6f251c04ba87fdba4c27435509690889a6c5cc8e796c8ebd3805f07e99a5e7b2d97e02359a815b380b95cc611155adc5699fafe598f09d6fdcfd0fd8c46b6924ad52dc9a7229acf39373409623d1b1ebfc4db0c775e1e8d93af17cfeafd89218a8810fbefec438c5c194e5dde296d45898f42bef7c2c4d47c7c875aefcc673c59b0f1df59f3889287dbc46faca2a4e7baebaec2ba5a2739c713ced693912dfa4215f6e58e7a330e4288cbce7e0e8eb2872c327486c1c2383c93ebb03117e1e079e07ea3023cf99a225cd9e1352eb4831bd04d6c46a467f8b4637789f071663c043cb6041d38e33e2cdfd443d9b633231c3c1405e95efcbc207805ea3e7d9713c157a07e4439fafb5e5689576443bb7be7ac27220a0385d04d76591817546125410d0c7a1e16d04ae988f9540b17711ee0531f960a7e5023feb00ad257acc3c9250080af9f32e42e7d07fb56c11fb0e2b4acf05cec2ae2c142916156eecc478ffa6f40e75e888e33cd35b566ae89bc36a337e1cfbfcde8749cba7f1598ca5e6e2424ab017a93971c399b8aef1b0c72cd400865c77b36cdf7a0557be04dbfb2a0a6bdf5fc95e80304e818ed0ba76b3bcfcea9d01c98a375c1229d9cdd72453a575eaa3fb78dd5f05e6e37a65ac8d530055d3ad33bebcd6bfb324a59f4f265e47284b5de02e79a8241a7f9403ce83db106aff23bc27a7748beb7ca89d28d24246ff955670139a8bdab11ee8d1eaf3d42d01d8db57981c92d1913d479d9c21be392abda576ab24a9c855676012d5ca8a8f8d61074fff34ded6acb427ed96229d643aa7e6a864eb003ae3767060f555d717177c9cfcfeb90fbf213307373d1163586d4056c3b056c058683b6c6b1ec7e55e2fb5637277d277362b42d3c9e010d04eacd835a3b77d581692ef980912af2a6b4081f230591836a95ec0a991636d19fbca26dd10ce91606062fd45fde1e68de726581c96c5ab47597b4ffe7d808318dc557dfa4bf08dc2fd1da70fb7b07df8ac4e7a068367951aa6ddbf5919627301289b54f1a2c2f745ff2d6f7ba0697964c9f5e3278985d0ed3495476d0d3ce1538f31ca6d8c93dad858a46839907e01cd7ab9b2cc9edc3fce1fa3efc9ebf36901ebcb09b31b7b67a635075edb5ae08779eff63f8479e0e1a4250e8cefff19ec3e5ac348c149237d78b1a4aa086588f954cf380be8354e54a6c24263d52458ced7132c818481309e58c5a489c87d7b68c921c33fb28763e8a3c52fdddcfdd064da396ef07d1553e4e725cebad8248b6722ce43ded1a65b9c8f87f1939ccd83deebccbb589cec33775b2e79ce7605a35e6b3536892cabe36cbd84897902b4eab65f7d8e1a66928f4e9e843cc69669661c56831fd39af648df150cc8c5a859446654eafe993a2e2ca116de40866e5aca399fd53911b169663fc6c004852d707c64937f25c532e0d816113bb614181773f09e4069decc2716cb26ea828e3600b4d1b733656dae356c3b45b4f31e556679566967bf684d71d842176969bcfe1a713ece923b541fb2f38905be94a280be72f4fc9959f704e8f097f9543e5d472147db4054548e7bfbcfca3f67d12b45b0183cfbd8ebf7e92c9dd37ff9f2ec17649f3991f3df78b66dbc0db0f93c8ff0a2c86ae467aa66407c4a32cb83d9f6a86e4718db6d663a8746815bd7630e720482235af5f34958458ba533368c5180f5a31716b6d8859d4cdcf2a3c525cfe5e4218cc0047f32f18cee74f674b9c71090867a365af35b45775273a0e5a7ec60debaf87ec1a57ce0c98336635a65aeea17c1b7d42559fc06328ffad69029bd5a831f570a4bc9d7426bf89c1f7f8c8bb491a8aa8cdcf3ce542abcb4d9c834918245f68ebd7e05bd7bf115da86e213645c27c7d97a8ef4ccb11b00691e4144c8e55d6793e608b48552dda593d0bd9b0601afcdafd6743e53b77398b3c8f0adcc67edb53305560a07212d583b8de9d357ab1739292a18b6e2af13548444188748ce4707ec1929882363f2974f6032bf761c8f1a8ef6c5a7b07bbf63e9b2f4603de25c2167abd803795e6fc59b381e19d6e3965d50fa6e1284cde9862a0e08db061a0e710be0388a084814b0c59668e5039ce3c4866709637fb006e0c35c1c43649f351bfdacf4aed23cfbc2fef338d74b893e5299e43b8cfe09ccfcfa9181c42414efcb2013196be328b215ecb85b19a2b00f6dc5b677d9d43dd4eb472a93ac53122df7b5010fecc7694a738bc9e6810a49db8a5ce3986c9ee79a2db6e1652299d2b6e1f1795fb8167e1a81303fde45c9f655d9cc27653e89c843b5bba51c73bf1e1923ce4e26ee0d2fee8a63eab3732c02789296fa48bb67a55699937132ece1ad01909f8281d82f2010eba69bad823446e8c836aaab54ec4316e610451ec76206daf20f8b801faeb564affbe31722cd7513940ca7f03c91e55a3f9fda9fff452ca3ae9a4cd35a1a6dea776999f80bc72d8eadaaadd407f2bea5c0ce769f9574f43fac3f7acea3d9b02c41138eeff63a0d0d8c34d90a6ad969838d2ec6663749400b51bd8fd774e543956230211de35529c806d1e6ebaef92ff5a4b9a1ee1b0f96d19c3dca35bacb611c49e1cbe46acce3a8a83e10046b324ebbbe146161c2f1d8f4d3f92e99154d586ad0810147040cb1946ec626c34bce48fe1557d0698b905d05bcd417e13c70e5b0dfc52b21983850c6c3a09b31f54237ec93542c1f54f561f9074004fff62758bb21107584a7391974eb0b1e874e893a2089f9e7e0766791ae7cbe4f6f30a7b9e8aac6dde024c911c47ac883b9e3d7124e2878ec80d39aab3a56a952b2075dbf4d85cd79ade79a6c65ccc8a2f3b5f92dc27ecb822130ca0e256ab6c436076be545e530f13615b1f40ebe92f5227f2f8914060417ff1de8963e65380cdc73b9492f1eb54ce04d1adfad6c5c1b925c42ced9bf60390c240d539ad3f71a60f3e70de0cb4b2296e1a7f36b67f3373da56ac251efa60e0f48f9f20fa64522ced6a82e01aab14d48ad4c203b8eb834bb971f1a45656212d57b28fc8cc481ef82a664705eeacda2fa0c3bafbadb735be1c56a45d1080a68d774ba56487bc4b077f95e9cab685d4abd299ed0fc55fae8618eedc176721275982e79effb76546ac6adcca3bb60b9c83dba7ccd6b7aa4137de8f8eb6fa44fd341af42e23582b8ff71c713b59cb2033c5fbce6134dc150e20e19bcb448d0f700569f94abfcf54f5a8b12d61a09691a79045587b2d66c156219124a82cb663a5fc8981c8ce61e3a2314c12484391ff92b3abc930c3a3b1d38496e690378cee9553c3569be8e37a92f75bcba3d4643595844d3418bf14581db2263b28cdeaf41dac80be5d79faae2c1eb07658713657e85f44955f78e347f5f9da8302bab3071178491fd5781e91e8fa990daa48c759680062a94e1036ebb7d8e7bd66a15189cbbbe09a31d4be8a5a906ad36868fc2c3eec3946862fe769bd92baa381a4abfd9cf0daef293a4f58483fdbed7489207835989a4e01e5ec19d27a694e6cac903311353de07828a3f82954feedeb9bb34df717b89f009b5e61deae4b3fef058f0de1281552edf1a9dc640e8357277e559568ba79fa909870803d6a9145d06a40350faff7be7263f84ab8492c0dc333d82342a7481b9d107bea1f416fbd372aca20c79fed567cd52e38dcf3f972db6894638973cd691cf8b56eaacd57eda8cac01c57a990ee176f6a809b7d29e4908720fa087e08a0ff49632a005410a90899d177d7da3ecdf846cb6415bc346e16f4a607d6154af719ab3de04a0ebfc5fb463ecbea2a4037e3fc4fa791c616589c735504b239d65fd1e854f2fd35e617f887625c0d337cd96780943a95aafc3d849c50bfd227c59df3e126d2a301b1cd92cae042a68d4a2916ce2d0a12fce1b0545a596b63b2f9f8dc25dfd9b646aba34bfb1c5ada6f625d048758aa695e433409a68b63b9b4c20261b35158637dfc5f6f8e9f7defeaa218fa48fdb62da7465c818676ddb9ea56c495290e3a8297d9bac4bd77d6585c9b773ef63b0ae23bb2ab17024afde5c26e4f8a58ea3c59be8ec5b668780469f36d1729ec4daa175bfbb98e3e5b68ad9d010c1b7d30c0a22da2d11146eac5f691ffd16e602d055b4d6758ec9998642b83a36e919bf79ee8aca3c4a6a2e33b5a9a6ce5dffd26d0d7a6da62995f7cd44f375e58f7f7546d5ab7023f26876773b133f834d8cb978011aeab3f882fde4bbc51c9dc514ac789336f2efff837a461371b479b1511730fcc3c0f5b155a2448420836983a4db9e5e2f9ba4852a6e42427434d2acc9baf39692119140c48285a4714b5e98decf0153c2402c5d9b4a4275494a3eb3db00b99983f6b71e98f07d4158939a4fde661cf3196f6b20811ba8712f6cbceec3921378e8085c456770b6eee10fc9b129d581ab82d7ba2b0a7102c26fb145b4133344f4bdc16b5430cfee0bfe3eefeaf996d8a15a9a1cb23ce746a17a45b747014c8e809ce3a6504ea692d6c3fad9de1ea4b4c47cb0b9e83b7b9600319d91f44bfd4d491e21e7e2d3a066daf280489de956cd09e2f93822c5a7bd47ee02575c76178efea839c92c647816ff1b9d3f77d3cf597d42158b4d95aa7b626fb1fc1231daedc4668dd45f49e3f7b778213614753f2be1d8b020aa253260e7382401a9589f54bacf95257bca8ab965efda21e13208ead6f5038119b6fa5358ec3ed1c69222686bf396187612974764f1a3196cd6382ae9b490cfd3ccad1ad625fb350722bf173cc13474b0d617d1d3a0beea7f4cb12d87d3a24d0c072d1e5de516d00226a47c179fc6285483c0bc9e0e8fd760e928b98cd483c8544e289edcb61fbe846ad509b325b05225299ac2d556e69f09e7e4e4a80e388fe237cc1c18908b6eb931cf52d88fa7623a1cdb49f22726864782ffc2d9320a7d4e7a63e70601c3f2d752b40832c99e822c188c2297180ed41f3f8211a1d8c55aed8b10d7701f18a4258aa4151e53b7a454d72bed339ca69b05d1bbc9688ea2d83e7d7d99915e367f25e6d23c964f8ee9b691e287545d1da3712e9f64f03ae3878de241b5cca56317beaaaa19f5c1a90c1407aba618657a03f6731ab5af5ee385abf068bac9296b647a840724febaaa52158601313b698f8ee9d2c10d36d875c99f1f186a4618736bb43a4057cf9974e3019e9cd18fa943afbec137f83e67cc23c39ec63605d83d33a261a2b23d738b926144bb79f770406f9cfa77d8232280e0e340c21bf24203c5529bfb6ddcb", "762eebafd186a3c989ec37ae5b039c27cab1f9db9b37cda997ac7f470aa9d5eae1e586fd534e1aefc7e2b6552dcd650bf035f3d9cecdf45d55bbe12be857f25a9841de79b7af8f6b2da3f7891cf0dafdfc07d2c2ec13eaae7032ef4e79a7685bbeed4589c1196c4688cb3dc2f8f77a1bf5e5f2a7566a47a2998ad9e1d39f40febf5f940d159e4dafb7df4275c1b4ce6a1ce731e15da619c35d160df2c3d3332df8fe81032ea5f7fd9a9afe90dbedb447757e6e8695f7b38d789378bccdc0de18429c88e4a204a64adcd15174cc32a8ea9fbe1e5bdce8b1a31d13993fbd47032466ae63b37a8f1aa09da9c8c66ce336f5f0e6f919ff2b547924c11b4a9579731b70b12a5bcb13c831213c983417efd568514814c9003f86c633d0aeb0aabe88e563d57bd9c398addc3b23444c90462e1acc6bd3525f4e37609c187de8b132efb7a59d63484737be93dba405610e715616d6590368826d9b238822d1808393137ccbb1a7f534557762dd6c5f826e207c5001fc5ea5a50147e271c84f695be1193ca3b80e632843ac3a9abba5f66e284d19b0cdd795ffa0e1a65af93127b13bf91cdcdbba6babc75777de19ac96dcf0571b05d29897e79698566bbe646288c9891e659ef4b358702ec5776ee27b6b0538bc3c5df8523bd47f90f57d70ae8f5df4e9655a20a5b37d2718d4c96e8f2ef6a2c32af25bf54931d6c3e010f9b47112048e5603faafb2f719f2a5359589d1f113650df6568ce301ce0bd526b892cb661fee511f600e5d3a3b72d9b354942d6dfac2d1c735d95d96d3d4f667461c84496c4365830a4b5665470708199aaf11bf4023c4c75c8769848ce7529281d166b650cc45c209d5ef2536240fc0d02d8420bbde2ec58c422c02fe0f0f5cb4692c440a5d3687f9b1f4c0f00ec4271e7c37c0ec0a719691dc301da101f67be78e4e6183e65a8f468e458e0c0e4a51834d188c39f624af9ea77e9675c7a9ce67253e454b15094a5b5ab054dc2021a9805d5a03e57f0358454a1e9f13c8505050b61aab04f81cd06b0ef08983377037f331635ec711d1963b7d4bcc40852ee2bc316261239ac1acf58a9a412e715ddfa0d5a22659790dc48990a6658591851ef26249b009550295dbf8908a4caadc279b84c47451bfac707a3df60ede588673f211dc30916071347ab0697837717dbf2eb3ffbb3f5c295f9d0976abde6cc824632f2985dbb0d5ef22279a31b5ad24ebc699c03b1ea214598c091475eb6af4bd717beb0c051eb4a99e4fdbdadf3a3254a944b05a5ed7c80ada59ff2b218d27420fcfae267892a8d4dfd914eeb07da6fcdcf600a4775a3f5ef8c9fce0b195301cd107e12c0805a7cca5d3fcf6f853340851d646ba964c1167ef005bf8364ee97012db3e743f883712bc6d8ecadaad83f646bfdf68c4b4c5f4666aafd22fdd30a15fa46d5d7ba4ec8c01e744a3431f9fdb799922b97c286d5943dc2033979a2fc142299f2b44bf170178e100d52bfc0068995d67816c46b3fbe816cc101a41274cd52ae2b95db619cd152eba1e27b221f40220087ef3bc52cd2ac4e13f3b188177749fc5034a9560230f4f01909e84a15dad35213ceae8a72b7b0629683c8bd4dc7d91ffe02a70c17568e9444fe8c51d49519ee8e5cfd7e6ea83fce6aeaed6a178702e8e1d9ec45ad35530be473229a6c1f2218fef4a3c59045c485ea0d6030f27cd43ac5171bc1c4933e7ee3304c055014955279c0b37ca330fd2d6fb0508afe8727d1a5018ccd40b18e4c14b07fb7507ec499c2a7fb11fc9efed8a2fccd0296a859420624e1f440c83abf9bbe0792fb4ef7831a7539f548b33807db96aeced0601b7de6ecf8572c8b3f431fd53b843af1f9c2c84aa48175d4b9781139d7c4d511eb3096b7a89161e09d9a04f478a781a7e3889aaca2f4d544a61fafba45595dd2665822b18b5684857c50510b099f7214c16c51f7d575aeab3b5b4872223a294bff6e52b92ec7e82240c91751318b26f614206509fd7e03cb35ff822a86e38105b2dcf7a46410c609aec741d1f2c95d02c6fe9ce7ac724f7ddccdc9db3fa4e0af11ba66aa01f2b7c2bf679144efbeed5c08e7ecbf38616a852485cd99ef97ec77d34622dbbbfe06983eaacb535375c582d23d87927e0d6ae65180fe2d82e3d85d69b7014bd2786ffa203dc3bac72cc0660853998bc8e7e3cd5808baa50119501bbd0a43aacfb6cfa5f3076760c9ef53fdd477175bbe1ed62c90fec674b3c29558a5d106c0de25ad3cbd9625bc121729310fe1ccd20407d7c89b8abd02d782cd8bfeb95044eb7bb4e3c8e043d1b43310e76481eff53860fab2478f89daadf5b394beb420ade9558d2ccb48be084228b3bf12678527145e76699f01cabb73b65879a43fb6407b9a4f66a6e7d20d5ca633a3163acc336980e36257c2cb036a1a30a6ff2733364daeb3347df5d7a225557fb4012589053474aa783555fb69f22d76b67c06ea93cb5fb7e929798459ebb42cf66651a3204a1a964656a995a8bd7b0cc86bb40763e82b42cdf235f410c7fef30a6658bba51162be24800a3b33ebb9a9a490dd6aa54d9d7b124c4b38f6ba612df57e26db071762f7bcc352b7b7ebc8768bcf8978a418fec05468a5bf363c144169f27888f1e2cab4ac156092e2ceb8bf72831606aed644d002882748b495c2c1b50f192e9a4a343efcfb9486f29084932c555b7ed85c64ec39f55754c56ed8f7ad6786fed52f6f2a36a4dc8295cd173aaeffb92f3db8764f13f394064363055e3c023edc693540dee58656a22756aa88a9fb48ec5789ee165fb2b8cdd4a2dc3ef203511f18abec49fe8fc667f9dc4ea16f2253eea7dd1ca6fb314ca72cf519138ad6d100e811cf2afdd8bb940b4d7cc9dfd35e0607410024450da88b98621a7dc3c708aba3e627a91f9bbc1133c5a8ae04b4cd02bd97c9257d9c214f1ae2c915a28c8d8ca306a822af9819d5188e96e8f14b910286f52dfb26678ea61b2da15b48b9471bf6b183e521d556c3321a1461ab2103b45b6a52c4d4d9d91b5a1f9f1ec7d61c91df96ba12380b32cc59cdf5ee7ebf52b3ee4109da21f4530550e1f47277937cb72cf722918d28bbdc1887f4319d7e6e57ccfadcabd7dcca98a4acf6584a90cc9b2345904edaaea096edc630815cf56283c7e4ea34a7d5ca28565a6781fd3beb3e24b874a05ddf3c837bda5670edb623fef86e291915474dceba12900dc3d6b77af306537635fcfc081ad34d92c7ca9d118c726125d1d5bab8e0a1812fe01a9f816f9834727c07d8bbe5a2a2b17cfafa3ee952995c1705636e3699356caf3a3dd2473242416ac3878b4148597f81b9672157f2ce914c191c63c0dcbb9d4f52eec15c919b6451d00d3763863a79c70cc0bb0421f451e757d9779b310d1ed803dca8c5ce288744ef150cf713b933bf9540b1ef7d01dc5e73443986cafbfb5ca58a59db5138c69d74bc0ae119587041f11c10d02bc786fa32d7e2082cd96e3405f7603a97af78b1386fad675d6c78db50a76b617815a2c701e7553cb097e5906613fcce0c13d7204c6cccc8dafd93e748aac39a9994ae95b533f1e254c1f3d864b4f92e57986fbde1c9d38bd15d4f0d7cf5f53379456779da033f6b203189a506a6f656cd5146ac2877d21f9b2a2b2b2906e70b5dae842534d5ad5ec1d194b4ce0a12eac5ac97ebdd7d5d4a853aa49f0318e5bf53d93d72a77aa4706a5be45662ba5f33172dbc6a07ad27b14da69b609d68f6026cb5d071fa5b95997df40e30cfa874912bcb13eda3790d3d33ef11c395169a409ef3a613663e3fefb0296bb03d21e3b8979fa16468586cc81da3fd36eda8114ef95c6f3e2c2ac7389274a139990d12c25410e95c51061a0c2c8e748f37ca52da9d6c74428a53c9ccf66c344ee7e276f22b9a4dae09de3123329f06a4e32a024dd7d645db7341bdaebd5d6527640fc7babd2b21c751914c89e6866f7246bc81e3faf3704c888a6e80822997dfca08293ac3c820061a70f1059ba18e7f078a6eeb3101f92c7650ce2c772d175706572b9f8ffe0c6361b85177a532bf5ae8ccf27113eeb1df299c277fea82fe8b468e1bec02da1f3a7eaf9587cdfd23aee38446c1944cff9224b09dc9326d86a6002ec89e36df31e84aa641383c2f70f93b0e91c72a87e2294101af9672909e5c01775dcc92d05e699af17f78493fbb15275e79e67728ebca80dc294973aae35015bef4a2ea6dae3f3b538e4d731c3badfa441134c6a5f83125d8914b193b56886be090110314a16367974add762a1bd98f99c1f403f7e8c0f233550c2f3debbc3f4cf55376ae73ba878e32d6f73daf564384dff372341554af43a9695344ca6579b6f7299373b4b8bc25e1bbfcfaf4e8773569a140668f21fd7fbda19d8131f49304587b0f182235893319a91a1b046001d9f1b5343e83c1a763aaa649a91b140fe1eb5a1973aca3990d2808cd29906b813bb185216a43f94dbe1ab5b957a22a45e9db1412eaf92819f6c028f35d88afacf73a164ccb0476cdf8050319d0e43ef35de96773b273bf969e5c24d1273f9164e726b1a5c052f5e44f71d9d42d862ddf769191043392e367a88d66e01f1b80b91bc16168badfa89ad0fcfc41715d0b566ed54cffda93abba3305c53a3b0efbaef6212f04a92817919776fb06e1da590b73525983b56c51196f0b62a01c64d964409bfeafe5ec9fe54ec6d54b98673863565724045b90765ab94fc5f7d7c4023fcc91848617c63f0c75f2d8282149ecdafe37853b9e1498f03e92f030a426252e9542205144f3a58746e1d7068f42786fd994aed055f5e562e3fd813ca91b61d081d5e65d89b0252e079daa2265095a63aa76754d51706e7a3ec3b66747c6a9a4b4c51c161c176f78e82347460ab49f06d896ba14493e662f1f7faa45c92bdd0bf5cefd462591ad5bce0e36b7cfa2762f80c3399bb50ac19579c73fd6f7dc69b2163825de03c5b7940571bfc466b52baf81aa0830aaa32a5edc19392bb26a9809f8360fc4d1f3d4ad59c98865c88700730cc2b40f5312c309010fc02ab1f6f1b77559d9727f7fed2d32a88f1d936c8a8868e3765c4e2517f3639c39e18746618c749b1dda0c9cb64eec0469014e603fe2cfdd9499377b2dd64753790243fac9869ce23b7d245f16dc453ab22e2c50556213e8c8dec50f7b33ba2dd914a5d585fd3fcd16e2f5baa5290c5d40c6071e8518c7ab695a02326c5b1fb38aa5274d808fdd4bc6ebdc736dde27d05137993c59be0d3fd4343841a0a292914d525a7ab678f89dcae8a81ad5d9c9c5b94360ed3bbee75fd870e2c92aaa83c6db60483b23b1d105f493efbe488fa03f7087791222438d2a4b10d72bdfbe643e651d5d166212e997e6c33511612253ef230a1ff16de5f35fa9c238919a72f97e9aaf9569fbf7a9be68845248f7027aead3fdb0efd67849165e1d1552e795baa9889e3924159659ca5c313be6bff8e05fedbb3e82acd051b18af87da846e954b13e94004a0f2613fed23db14f0cb55d426a5aec9cf63ce8f675f0e9757875d7b7dade82f5b495fe1298aebb64e4ca0a8f79718bee48ec5463c172836c055e68d245289a094e41aa4c317110413ee24df7ebabef04187eb7628754f07573ac611811055dce5afef03d812927edc8e7947997cc94c2ea800da76e20ee8d7dc9c74af2626ec2bdbd94ddad622117f722483df9306992aede28565346144e2877435696b85e22c6e718a930572846a4c7d1ab847fc1ec2d3aa9a3bc3001ab408091fe34fc35ecfd63b4f095df5"}) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 627.945153][T16437] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}}, 0x0) [ 627.993855][T16450] attempt to access beyond end of device [ 628.023426][T16450] loop5: rw=0, want=6434, limit=52 16:48:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x2}}}, 0xf8}}, 0x0) [ 628.051593][T16456] Unknown ioctl 44609 [ 628.054658][T16450] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:36 executing program 2: ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ocfs2_control\x00', 0x400000, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x82, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x3) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000000)=0x7fff, 0x4) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:36 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xe00}}, 0x18) [ 628.122709][T16470] Unknown ioctl 44609 [ 628.136864][T16474] Unknown ioctl 44609 16:48:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x3}}}, 0xf8}}, 0x0) [ 628.175613][ T7238] minix_free_inode: bit 1 already cleared 16:48:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r4, 0x0) r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x7f, 0x1, 0x0, 0xd, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r4, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r6, r5, 0x0) r7 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r7, 0x0) r8 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xe, r7, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r9, r8, 0x0) write$FUSE_STATFS(r9, &(0x7f0000000180)={0x60, 0x0, 0x8, {{0x0, 0x7f, 0x8001, 0x10000007f, 0x1, 0x1ee, 0xfffeffff, 0x8}}}, 0x60) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r6]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) syz_open_dev$rtc(&(0x7f0000000100)='/dev/rtc#\x00', 0xfffffffffffffffe, 0x100) 16:48:36 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r2, r1, 0x0) ioctl$VIDIOC_ENUMAUDIO(r2, 0xc0345641, &(0x7f0000000040)={0x0, "238892a1fdec9cabd4ff82464f5105ae753467c0727fe1530293a0144862e6f8", 0x2}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000240)={0x3, 0x70, 0xc0, 0x3, 0x65, 0x5, 0x0, 0xbdde, 0x804, 0x6, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000000), 0x8}, 0x4, 0x100000000, 0x100, 0x5, 0x76, 0x956, 0x7}) openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/fb0\x00', 0x448401, 0x0) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000140)=ANY=[@ANYBLOB="01000000e0b5db650eabb7c9000000000000000000000000cd7ed830e431649d2d1c87b6cabb69a25056cd11c7720ccb4284ccf869c102d607d2d75b0957919afbdd4a88f7b724634f62f27a9340d860eb97474175ea24bf889c134bf22299e76104b23be2a107123e1a56656bed5d811c57ea703d0bfa7d77b960789a7d9f1c8f7ae5f47cfd74b7d56f25036ade5f83a6a345bb3f3d3d9083c989cab33f8f4f1264dccf1bc76283e4821c2e033908b86174a908d6ccee43ebda8452204c3155fbf3de000000000000000000"]) 16:48:37 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x669}]}) [ 628.386619][T16490] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:37 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x4}}}, 0xf8}}, 0x0) 16:48:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 628.479673][T16490] attempt to access beyond end of device [ 628.519819][T16490] loop5: rw=2049, want=6434, limit=52 [ 628.550623][T16490] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:37 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffd) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) r8 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r8, 0x0) r9 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r8, 0x0) r10 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r10, r9, 0x0) ioctl$VIDIOC_DQBUF(r7, 0xc0585611, &(0x7f00000001c0)={0x8, 0x9, 0x4, 0x20000000, 0x800, {}, {0x1, 0x0, 0x9, 0x7f, 0x4, 0x4, "355cd02f"}, 0x1e8, 0x2, @planes=&(0x7f0000000180)={0x9, 0x1, @fd=r10, 0x1}, 0x0, 0x0, r2}) ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000000)={0x60, 0x3, 0xd3, 0x71, 0x5b, 0x80000001, &(0x7f0000000100)="a30461d75abfeab3e19356d6af79e1724b256a605f2ffa3bd9744f09d65596398fbd815751d9878828a471f595ca65a6fa8565b67ae8e19369542e9f153236554e7c88812a7e4c2aa27185ac1d6294fc071bdc548c697dccfda0fa"}) ioctl$KVM_SET_CPUID(r10, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYRES32]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:37 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x9}}}, 0xf8}}, 0x0) [ 628.601345][T16508] attempt to access beyond end of device [ 628.607264][T16508] loop5: rw=0, want=6434, limit=52 16:48:37 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100)='NLBL_CIPSOv4\x00') sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="04000000", @ANYRES16=r6, @ANYBLOB="00082dbd7000fddbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x4c015}, 0x800) sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xb4, r6, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_MLSCATLST={0x98, 0xc, 0x0, 0x1, [{0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6823b0bf}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xba93}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xab74}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x12d8dc}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x82f985}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4cd0db68}]}, {0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2502}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x752b5446}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x46dc}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x574c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd3ac}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5537715d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2a23}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5071}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x21943876}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x536c4765}]}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x200c0081}, 0x24040045) sendmsg$NLBL_CIPSOV4_C_LISTALL(r5, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x204, r6, 0x108, 0x70bd26, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x20, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2f73bb08}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1cd310a2}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbd}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4b}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5260cad7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x65}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2e20ebf2}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2b}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x1b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x53d51690}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x7}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0xb8, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6f463cd4}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf0}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1a8e6099}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x56736f99}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6e23da0f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x252197d2}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x70c1af75}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6d}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xaf}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x96}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x1b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5c0f7fc9}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2d6d6f89}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa1}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x620985cc}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x11268d06}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe9}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x44, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x6}, {0x5}, {0x5}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x5c, 0xc, 0x0, 0x1, [{0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa90e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x126199e4}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x369b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5c1eac45}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3a4e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xfb6f}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7446dd82}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcea7}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7f433563}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x871dbfd}]}]}]}, 0x204}, 0x1, 0x0, 0x0, 0x40}, 0x4080) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r7, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000000)={0x0, 0xff, 0x71e1, 0x1}) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:37 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x1100}}, 0x18) 16:48:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:37 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0xa}}}, 0xf8}}, 0x0) [ 628.715707][ T7238] minix_free_inode: bit 1 already cleared 16:48:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:37 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0xf}}}, 0xf8}}, 0x0) 16:48:37 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0205647, &(0x7f0000000100)={0xa20000, 0x5, 0x5, r4, 0x0, &(0x7f0000000000)={0x990904, 0x80000001, [], @ptr=0x200}}) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r7, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 628.886658][T16559] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:37 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) faccessat(r1, &(0x7f0000000000)='./file0\x00', 0x7, 0x1200) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:37 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x48901, 0x0) write$UHID_INPUT2(r0, &(0x7f0000000100)={0xc, {0xc, "beb3ab724958223485c3aaa7"}}, 0x12) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x490}]}) 16:48:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 628.985133][T16559] attempt to access beyond end of device [ 629.011776][T16559] loop5: rw=2049, want=6434, limit=52 16:48:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 629.063722][T16578] attempt to access beyond end of device [ 629.078891][T16578] loop5: rw=0, want=6434, limit=52 16:48:37 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x60}}}, 0xf8}}, 0x0) 16:48:37 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000000), &(0x7f0000000040)=0x4) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:37 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x1200}}, 0x18) 16:48:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$UI_DEV_CREATE(r4, 0x5501) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r9, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r9, 0x0) syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="b9800000c00f3235001000000f30f30f090f21f8af001008acafaf23f8b980007a736a00c06a00c0000100000f30662e670f350f01c9b9800000c0650f3535004000000f30660f38803eb9140a00000f320f01a32e0f01c8f00fb117f3260f0d7f00", 0x62}], 0x1, 0x20, &(0x7f0000000100)=[@dstype0={0x6, 0x4}], 0x1) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cf81d9f46052a7abc509dcc0c04f57dc53ce0819ee000001007401d03fca"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000830421146ad7a644df77000000000000"]) 16:48:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 629.177512][ T7238] minix_free_inode: bit 1 already cleared 16:48:37 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000100)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="10000000000000000000018bbb00040001802800028024000180080001de0200000008000100070000002800080001b46251d4fa6fe96720d943b5a5ae000000b514b2fd67c23e1262b98419d1150ae8e68e7185d9dad96aea9b3cce12146d22d702d20c331620f32ef5fd7c6e0ba4cf24c65f0398155e6b325713355ac32801c72b419193a6eee534ec3addb5e5a1f5d31a2918c9d2797b6ef4816ca316e750854bcade58e2602930a965d9a312ff28e3420e8564df9aabef"], 0x40}}, 0x0) 16:48:37 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x2fc}}}, 0xf8}}, 0x0) [ 629.334307][T16631] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 629.365947][T16631] attempt to access beyond end of device [ 629.407110][T16631] loop5: rw=2049, want=6434, limit=52 16:48:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 629.471464][T16648] attempt to access beyond end of device [ 629.490410][T16648] loop5: rw=0, want=6434, limit=52 16:48:38 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x1700}}, 0x18) [ 629.529736][ T7238] minix_free_inode: bit 1 already cleared 16:48:38 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x300}}}, 0xf8}}, 0x0) [ 629.626695][ T27] kauditd_printk_skb: 12 callbacks suppressed [ 629.626703][ T27] audit: type=1800 audit(1591289318.240:1313): pid=16659 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16364 res=0 16:48:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 629.674168][T16659] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 629.732649][T16659] attempt to access beyond end of device 16:48:38 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x43b}}}, 0xf8}}, 0x0) [ 629.830960][T16659] loop5: rw=2049, want=6434, limit=52 [ 629.864214][T16676] attempt to access beyond end of device [ 629.874920][T16676] loop5: rw=0, want=6434, limit=52 16:48:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:38 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x900}}}, 0xf8}}, 0x0) 16:48:38 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x1800}}, 0x18) [ 629.888013][ T27] audit: type=1800 audit(1591289318.500:1314): pid=16676 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 [ 629.915158][ T7238] minix_free_inode: bit 1 already cleared [ 630.050956][ T27] audit: type=1800 audit(1591289318.670:1315): pid=16689 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16131 res=0 [ 630.065400][T16689] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 630.086946][T16689] attempt to access beyond end of device [ 630.095958][T16689] loop5: rw=2049, want=6434, limit=52 16:48:38 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0xa00}}}, 0xf8}}, 0x0) 16:48:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 630.112064][T16692] attempt to access beyond end of device [ 630.117868][T16692] loop5: rw=0, want=6434, limit=52 [ 630.139193][ T27] audit: type=1800 audit(1591289318.740:1316): pid=16692 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 [ 630.156633][ T7238] minix_free_inode: bit 1 already cleared 16:48:38 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x2000}}, 0x18) [ 630.255968][ T27] audit: type=1800 audit(1591289318.870:1317): pid=16705 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16371 res=0 [ 630.266723][T16705] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:38 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0xf00}}}, 0xf8}}, 0x0) 16:48:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 630.314736][T16705] attempt to access beyond end of device [ 630.333693][T16705] loop5: rw=2049, want=6434, limit=52 [ 630.363464][T16708] attempt to access beyond end of device [ 630.403803][T16708] loop5: rw=0, want=6434, limit=52 16:48:39 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x3b04}}}, 0xf8}}, 0x0) [ 630.438190][ T27] audit: type=1800 audit(1591289319.050:1318): pid=16708 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:39 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x2500}}, 0x18) [ 630.537431][ T7238] minix_free_inode: bit 1 already cleared 16:48:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:39 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x6000}}}, 0xf8}}, 0x0) [ 630.664745][ T27] audit: type=1800 audit(1591289319.280:1319): pid=16724 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16384 res=0 [ 630.678022][T16724] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 630.798274][T16724] attempt to access beyond end of device [ 630.833073][T16724] loop5: rw=2049, want=6434, limit=52 16:48:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:39 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0xfc02}}}, 0xf8}}, 0x0) [ 630.860783][T16734] attempt to access beyond end of device [ 630.870038][T16734] loop5: rw=0, want=6434, limit=52 [ 630.895456][ T27] audit: type=1800 audit(1591289319.510:1320): pid=16734 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:39 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x3f00}}, 0x18) 16:48:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:39 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}}, 0x0) 16:48:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x1, 0x0) bind$tipc(r3, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e23, 0x2}}, 0x10) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000830400ff0f0000000000000000000000b1694a205fb9e691262d8fb14ea63a8c3808867db3c27b9c8e8d6f7a806373e53d09baceaf922e781590a378a3bfa81409c165deab50b5baf93aa48a4c6e5c9c9004e49b8752eb081adc56865ffbbd5c559cf6a5bdf5c2dd31e2e6a4d8350134024a359cc1af03a2a0667810c9b6bf5eb8be5f7b2b53b41656cb595bd57e34ba3d91cefad7530a"]) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x15, 0x10, 0x3}, 0x3c) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r4, 0x28, &(0x7f00000001c0)={0x0, 0x0}}, 0x34) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={r5}, 0xc) getsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000200), &(0x7f0000000240)=0xe) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000001c0)={r5, 0x1dd}, 0xc) [ 630.979124][ T7238] minix_free_inode: bit 1 already cleared 16:48:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100000000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 631.121261][ T27] audit: type=1800 audit(1591289319.740:1321): pid=16762 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16377 res=0 [ 631.182350][T16762] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:39 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x2}}}, 0xf8}}, 0x0) [ 631.232075][T16762] attempt to access beyond end of device 16:48:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100000000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 631.282790][T16762] loop5: rw=2049, want=6434, limit=52 [ 631.320652][T16762] buffer_io_error: 13 callbacks suppressed [ 631.320662][T16762] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r3, 0x0, r3) ioctl$sock_SIOCADDRT(r3, 0x890b, &(0x7f0000000100)={0x0, @tipc=@id={0x1e, 0x3, 0x0, {0x4e23, 0x1}}, @rc={0x1f, @none}, @llc={0x1a, 0x5, 0xff, 0x0, 0x8, 0x3, @dev={[], 0x36}}, 0x3, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000000)='gretap0\x00', 0x6, 0x7fffffff, 0xf000}) 16:48:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x3}}}, 0xf8}}, 0x0) [ 631.406980][T16789] attempt to access beyond end of device 16:48:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100000000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:40 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, r3, 0x0) r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000011000/0x2000)=nil) shmat(r5, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_LOCK(r5, 0xb) shmctl$SHM_UNLOCK(r5, 0xc) shmctl$SHM_LOCK(r5, 0xb) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000180)={0x1ff, 0x4, 0x4, 0x400, 0x0, {r7, r8/1000+60000}, {0x5, 0x2, 0x3, 0x1, 0xb6, 0x7f, "8ff90ae1"}, 0x7, 0x3, @fd, 0x3ff, 0x0, r3}) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r9, 0xc018620c, &(0x7f0000000100)) dup3(r6, r4, 0x0) ioctl$SOUND_MIXER_WRITE_RECSRC(r6, 0xc0044dff, &(0x7f0000000000)=0x5) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)=ANY=[@ANYBLOB="0600000027c377497c0f055617bcd640bb0c73c222e16f9cc2cffdf5c08ba1e053c9be3d098d8a6e6ccedf0b976fe9d6343c31a0dfda27daee169a43b99dc36cb937d537d3dc8194c71cf1193ce668542ee9fc8c710f270801c4957debb5233db5c2279f58e407c0009d85da91e09c28da1ce3f18a7611cbab8ccc31529e1a8c2bf9fcb2af5d", @ANYRES16=r10, @ANYBLOB="030700000000000000000100000004000180100002800c0001800800010003000000"], 0x28}}, 0x0) [ 631.406994][T16789] loop5: rw=0, want=6434, limit=52 [ 631.407009][T16789] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:40 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x4800}}, 0x18) 16:48:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x4}}}, 0xf8}}, 0x0) [ 631.407209][ T27] audit: type=1800 audit(1591289320.020:1322): pid=16789 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 [ 631.489043][ T7238] minix_free_inode: bit 1 already cleared 16:48:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/43]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 631.657318][T16815] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:40 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') getsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000000), &(0x7f0000000040)=0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r4, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/43]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x9}}}, 0xf8}}, 0x0) 16:48:40 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000380)='./file0\x00', 0x0) lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.capability\x00', &(0x7f0000000100)=@v2, 0x14, 0x0) lsetxattr(&(0x7f0000000340)='./file0\x00', &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:40 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x4c00}}, 0x18) [ 631.900060][ T7238] minix_free_inode: bit 1 already cleared 16:48:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0xa}}}, 0xf8}}, 0x0) [ 632.043222][T16850] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 632.079500][T16850] attempt to access beyond end of device 16:48:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/43]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 632.098546][T16850] loop5: rw=2049, want=6434, limit=52 [ 632.122519][T16850] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 632.155874][T16858] attempt to access beyond end of device 16:48:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0xf}}}, 0xf8}}, 0x0) [ 632.188730][T16858] loop5: rw=0, want=6434, limit=52 [ 632.226559][T16858] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/44]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x60}}}, 0xf8}}, 0x0) 16:48:40 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x6000}}, 0x18) [ 632.335530][ T7238] minix_free_inode: bit 1 already cleared 16:48:41 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}}, 0x0) 16:48:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/44]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 632.471271][T16883] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) getsockopt$PNPIPE_IFINDEX(r4, 0x113, 0x2, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x4) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) r8 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x75747}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc, 0x1, 'macvtap\x00'}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x3c}}, 0x0) r9 = socket(0x1, 0x803, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) r11 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x75747}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc, 0x1, 'macvtap\x00'}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r10}]}, 0x3c}}, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000640)={&(0x7f00000002c0)={0x380, 0x0, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [{{0x8}, {0x1b0, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x10000}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8}}}]}}, {{0x8}, {0x1ac, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0xffffff42}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x7fffffff}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r10}}}]}}]}, 0x380}}, 0x4000000) r12 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r12, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r12, 0xc008ae88, &(0x7f0000000040)) 16:48:41 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x2}}}, 0xf8}}, 0x0) 16:48:41 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r3, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r4 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r6, 0x0, r6) ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r6, 0x8983, &(0x7f00000001c0)={0x2, 'virt_wifi0\x00', {0x200}, 0x9}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x79, &(0x7f00000000c0)={r5}, 0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000000)={r5, @in={{0x2, 0x4e23, @multicast2}}, 0x5, 0x3, 0x10000, 0x2, 0x80, 0x402, 0x1}, &(0x7f0000000300)=0x9c) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000140)={0x401, 0x1, 0x8001, 0x401, r7}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) getpeername$ax25(0xffffffffffffffff, &(0x7f0000000200)={{0x3, @netrom}, [@netrom, @bcast, @remote, @null, @rose, @bcast, @null, @bcast]}, &(0x7f0000000280)=0x48) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000340)={0x44, r8, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}]}, 0x44}}, 0x0) 16:48:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee00000100"/44]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 632.525571][T16883] attempt to access beyond end of device [ 632.595622][T16883] loop5: rw=2049, want=6434, limit=52 16:48:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 632.637454][T16883] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:41 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x3}}}, 0xf8}}, 0x0) [ 632.737700][T16915] attempt to access beyond end of device 16:48:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 632.782896][T16915] loop5: rw=0, want=6434, limit=52 [ 632.788047][T16915] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:41 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)=ANY=[@ANYBLOB="01000000", @ANYRES16=r3, @ANYBLOB="030700000000000000000100000004000180100002800c0001800800010003000000"], 0x28}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x17, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0xa}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x84}, 0x4040800) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) io_uring_register$IORING_UNREGISTER_BUFFERS(r5, 0x1, 0x0, 0x0) 16:48:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:41 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x6800}}, 0x18) 16:48:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$UI_SET_FFBIT(r4, 0x4004556b, 0x3d) 16:48:41 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x1c, r3, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x4}]}, 0x1c}}, 0x24000000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) setsockopt$bt_BT_VOICE(r5, 0x112, 0xb, &(0x7f0000000000)=0x63, 0x2) 16:48:41 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x4}}}, 0xf8}}, 0x0) [ 632.910174][ T7238] minix_free_inode: bit 1 already cleared 16:48:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, 0x0) [ 633.097038][T16954] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 633.123329][T16954] attempt to access beyond end of device [ 633.136037][T16954] loop5: rw=2049, want=6434, limit=52 16:48:41 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x9}}}, 0xf8}}, 0x0) 16:48:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x200800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000021000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 633.150531][T16954] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:41 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000007c0)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x14, r5, 0x1, 0x0, 0x0, {0x18}}, 0x33fe0}, 0x1, 0x4800}, 0x0) sendmsg$TIPC_NL_LINK_GET(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0xd8, r5, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}]}]}, @TIPC_NLA_LINK={0xb4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x46b}]}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4000}, 0x40020) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r7, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) [ 633.205858][T16965] attempt to access beyond end of device 16:48:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) connect$pptp(r3, &(0x7f0000000000)={0x18, 0x2, {0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x1e) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$TIOCCONS(r0, 0x541d) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 633.256534][T16965] loop5: rw=0, want=6434, limit=52 16:48:41 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0xa}}}, 0xf8}}, 0x0) 16:48:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, 0x0) [ 633.300213][T16965] Buffer I/O error on dev loop5, logical block 3216, async page read [ 633.319984][T16977] tipc: All keys are flushed! 16:48:42 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x6c00}}, 0x18) [ 633.374267][T16986] tipc: All keys are flushed! 16:48:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r0]) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cachefiles\x00', 0x380, 0x0) ioctl$VIDIOC_S_JPEGCOMP(r3, 0x408c563e, &(0x7f0000000200)={0x9, 0xa, 0x12, "aab8f9e9beb8f3a2740b3f67af14b48d1ca2d4756f81c0f221fc35cf0d8fa166ba3b18cb3a1d7201ab30dd0254379a571c9adb0bee553c69bbc8eea6", 0x25, "d896ce2ae51f562e671209c41cc56c5ca7ef048d635a91d21ab2862473555b1e045307c13bc2c0ca85cabfa320b1b7ba46fb979b6fb70b7bb0596948", 0x8}) r4 = socket$netlink(0x10, 0x3, 0x8) sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, 0x1, 0x4, 0x401, 0x0, 0x0, {0x3, 0x0, 0xa}, [@NFULA_CFG_CMD={0x5, 0x1, 0x3}, @NFULA_CFG_NLBUFSIZ={0x8}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x5}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x5058}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f0000000000)={0x2, 0x401}) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[]) [ 633.404061][ T7238] minix_free_inode: bit 1 already cleared 16:48:42 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) ioctl$FS_IOC_GETFSLABEL(r5, 0x81009431, &(0x7f0000000100)) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r6, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) 16:48:42 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0xf}}}, 0xf8}}, 0x0) 16:48:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, 0x0) [ 633.538688][T17005] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)) 16:48:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, &(0x7f0000000000), 0x2) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) ioctl$DRM_IOCTL_GET_CAP(r7, 0xc010640c, &(0x7f0000000100)={0x12}) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:42 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x60}}}, 0xf8}}, 0x0) 16:48:42 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mice\x00', 0x10200) getsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) sendmsg$AUDIT_TTY_SET(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x18, 0x3f9, 0x20, 0x70bd2c, 0x25dfdbfb, {0x0, 0x1}, ["", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x24004003}, 0x800) r2 = fcntl$dupfd(r0, 0x0, r0) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000140)='SEG6\x00') mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') writev(r4, &(0x7f0000000140)=[{&(0x7f0000000080)='4', 0x1}], 0x1) r5 = gettid() r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) process_vm_writev(r5, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x1, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80545120}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, r3, 0x8, 0x70bd27, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRET={0x18, 0x4, [0x1000, 0x0, 0x9, 0x9, 0xfffffffe]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x94}, 0x8080) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r8, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0307000000000004000180100002800c000180080001000300"/34], 0x28}}, 0x0) 16:48:42 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x7400}}, 0x18) [ 633.769135][ T7238] minix_free_inode: bit 1 already cleared 16:48:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)) 16:48:42 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}}, 0x0) [ 633.933856][T17055] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 633.965099][T17055] attempt to access beyond end of device [ 634.016709][T17055] loop5: rw=2049, want=6434, limit=52 16:48:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r5, 0x29, 0x44, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000100)=0x1e) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:42 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xf8}}, 0x0) [ 634.064715][T17055] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)) [ 634.163276][T17075] attempt to access beyond end of device [ 634.175316][T17075] loop5: rw=0, want=6434, limit=52 [ 634.185442][T17075] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x23d, 0x0, 0x5}, {0x93c, 0x0, 0x1fff}]}) 16:48:42 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x7a00}}, 0x18) 16:48:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{}]}) 16:48:42 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x3}}}, 0xf8}}, 0x0) [ 634.318380][ T7238] minix_free_inode: bit 1 already cleared 16:48:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{}]}) [ 634.526333][T17118] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 634.566802][T17118] attempt to access beyond end of device [ 634.605977][T17118] loop5: rw=2049, want=6434, limit=52 [ 634.659622][T17126] attempt to access beyond end of device [ 634.674155][T17126] loop5: rw=0, want=6434, limit=52 [ 634.686584][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 634.686592][ T27] audit: type=1800 audit(1591289323.300:1334): pid=17126 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 [ 634.761057][ T7238] minix_free_inode: bit 1 already cleared 16:48:43 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x8008}}, 0x18) 16:48:43 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}}}, 0xf8}}, 0x0) 16:48:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x40, 0x0) getsockopt$inet6_int(r3, 0x29, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0x4) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nvram\x00', 0x46a00, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f00000001c0)={0xc, 0x1a, [], [@pad1, @jumbo={0xc2, 0x4, 0x4}, @hao={0xc9, 0x10, @mcast1}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00'}, @calipso={0x7, 0x48, {0x0, 0x10, 0x0, 0x3ff, [0xd2, 0x3, 0x9, 0x8, 0x8, 0x2, 0x1, 0xffffffff]}}, @pad1, @calipso={0x7, 0x30, {0x1, 0xa, 0x0, 0xe8, [0x8, 0x8001, 0xffffffffffff8411, 0x8, 0x7f]}}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, [], 0x10}}]}, 0xd8) 16:48:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{}]}) 16:48:43 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000140)={0x0, 0x4}, 0x8) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x808, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x1}, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) r9 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r9, 0x0) r10 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r9, 0x0) r11 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r11, r10, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c010000", @ANYRES16=r3, @ANYRESOCT=r11], 0x14c}, 0x1, 0x0, 0x0, 0x4c000}, 0x0) [ 635.024285][ T27] audit: type=1800 audit(1591289323.640:1335): pid=17138 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16371 res=0 [ 635.051019][T17138] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:43 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9}}}, 0xf8}}, 0x0) [ 635.073121][T17138] attempt to access beyond end of device [ 635.078823][T17138] loop5: rw=2049, want=6434, limit=52 [ 635.096957][T17146] attempt to access beyond end of device [ 635.103207][T17146] loop5: rw=0, want=6434, limit=52 [ 635.111924][ T27] audit: type=1800 audit(1591289323.730:1336): pid=17146 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:43 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xf0ff}}, 0x18) 16:48:43 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, r3, 0x0) r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000011000/0x2000)=nil) shmat(r5, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_LOCK(r5, 0xb) shmctl$SHM_UNLOCK(r5, 0xc) shmctl$SHM_LOCK(r5, 0xb) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000180)={0x1ff, 0x4, 0x4, 0x400, 0x0, {r7, r8/1000+60000}, {0x5, 0x2, 0x3, 0x1, 0xb6, 0x7f, "8ff90ae1"}, 0x7, 0x3, @fd, 0x3ff, 0x0, r3}) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r9, 0xc018620c, &(0x7f0000000100)) dup3(r6, r4, 0x0) ioctl$SOUND_MIXER_WRITE_RECSRC(r6, 0xc0044dff, &(0x7f0000000000)=0x5) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)=ANY=[@ANYBLOB="0600000027c377497c0f055617bcd640bb0c73c222e16f9cc2cffdf5c08ba1e053c9be3d098d8a6e6ccedf0b976fe9d6343c31a0dfda27daee169a43b99dc36cb937d537d3dc8194c71cf1193ce668542ee9fc8c710f270801c4957debb5233db5c2279f58e407c0009d85da91e09c28da1ce3f18a7611cbab8ccc31529e1a8c2bf9fcb2af5d", @ANYRES16=r10, @ANYBLOB="030700000000000000000100000004000180100002800c0001800800010003000000"], 0x28}}, 0x0) [ 635.238567][ T7238] minix_free_inode: bit 1 already cleared 16:48:43 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xf8}}, 0x0) 16:48:43 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, r3, 0x0) r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000011000/0x2000)=nil) shmat(r5, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_LOCK(r5, 0xb) shmctl$SHM_UNLOCK(r5, 0xc) shmctl$SHM_LOCK(r5, 0xb) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000180)={0x1ff, 0x4, 0x4, 0x400, 0x0, {r7, r8/1000+60000}, {0x5, 0x2, 0x3, 0x1, 0xb6, 0x7f, "8ff90ae1"}, 0x7, 0x3, @fd, 0x3ff, 0x0, r3}) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r9, 0xc018620c, &(0x7f0000000100)) dup3(r6, r4, 0x0) ioctl$SOUND_MIXER_WRITE_RECSRC(r6, 0xc0044dff, &(0x7f0000000000)=0x5) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)=ANY=[@ANYBLOB="0600000027c377497c0f055617bcd640bb0c73c222e16f9cc2cffdf5c08ba1e053c9be3d098d8a6e6ccedf0b976fe9d6343c31a0dfda27daee169a43b99dc36cb937d537d3dc8194c71cf1193ce668542ee9fc8c710f270801c4957debb5233db5c2279f58e407c0009d85da91e09c28da1ce3f18a7611cbab8ccc31529e1a8c2bf9fcb2af5d", @ANYRES16=r10, @ANYBLOB="030700000000000000000100000004000180100002800c0001800800010003000000"], 0x28}}, 0x0) 16:48:44 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000000)="a345fcb54fe4f0c8950a242bbdcdac12b9683d5c968dea2998b6128088061c1e958f24f74d9341", 0x27}, {&(0x7f0000000040)}, {&(0x7f00000007c0)="2887695496adf8fd70428f1dcafa8c356851ec08478c7fb3986c88fba95b7da75c168ba161c80dd75f550aa322ff2bf003634a82b7edbdfed3fe2288b30e3883bc1b6cfe9eb00a428f9bff3961497b6f5391e675f2a2bd3868218be2a5fbd05b00172b0f77369399efe6637754504f5d94afe93c70be51b0b79cc7e026d398ca0d37b2dcf218794aee30ad897d83d3171d79587ca5f99bf6a837618d2c651bb05c22938e23baead628771b6d587668acfd96750879358924cd617f0fe469f630e274c99bd557b946af53053ac580965b2a1acd12f5d91d4174c5d1ec53c0bf62756c8b23b8bebcaa1073e11cf0838a8c07456fab3693667d9b5c82443f6d7560a094e90037a7e77f8c629346f13e949a51ff0559efe6610b03983c3b2301aff5ea0ddf16103b5eb318637f31f823584bb1d9cf712472759a5a0ced3acd2a7b8d45e229855b6f6870056f103cac5e2a873faa9a3469f594ab9b13011eb637506c512ef72a6a8216b89179c2b3b3d9c008b1711ff96dda753a3cf8121d423f1cea404799a6fdd86739a897a8f2356fa6db0bc7f5ffc692c3375e275ed2293e632c8bf8304aa5e673df5ba7d47ea9b364ff133dbea870782c37bdbfcb4fb6cefa3da8473fdcf1bb029dc2bf1c7b3f3d04d9716033c966614114ddefd10d229b7271227d673478f430ac3d8a41f778b134df7839737dfde965e9675200f096f7e4dc74fbf811c3ed0fc3a52f11806487003127edccbf0268ae6a0a35de1c87b3ae71d50c9f460b8dd27f3538fe404bfeb76e7d11b12413c58a42a3e0f8895624e025f7c49237af8008038484a4a44c4db281aa6477b8aa52bdfcb2b97563396245520fa9fe31e262f305ee2a30cc19426cb9bd3d373eb7e935af2419756c0e30801d1e3c1380c17bb1d490479c341c6e301f4d8bc95094bad63a37cb1f5c016ef262f678c594afd0d453d25d60bf1ba4adb7bd716d23ed631fdb00e7897a7a790e65163e4c36df03121c1e2036209f062b8eed9184af9a426bb93989a0434fd8071211243d26e1dfac2f458b794f90f6b28feb7bfa0d2e14ead9e49f176e5d946190020cc89638e8bf8d6182c05967ffa4e272e90472474d11dd25253ff5ea5bb8e3a5f189a217bcaf5dbe1070a49c1e0fd98ba31f952028cf4744072451010a612dda093469e3cf709ab585fce90de1b0e86b676fc9cb15fea45f07c9e412c2ae52169365af6091d14a5e45ff67a2cdfc96521402ee18436ef69d2a6554cdc83756c69d544779159c4d12a44b6e90667b32f7eead37f337150ce07e81695f98fb7602771025c0fd2bdba94707ccba2bf6320c91ac2f89437c7067d47c16f76c10fee6b49bd7a5031bb054c39a3c533b82bfd63638ba10543e4e14303e795fbcf16cd586388187027c1450e27cd6b2f5b313d9062303b8a5170a56a45da28ef3223d871cc59ff4a1f44681b81ec121c29374cdc0b5390f64207c4d2cd17627613c4c2ab2c5f52e4aead49d42a17e32ef352a43d8baef0458d18d4d901d923f0e903156f3d7978951d50cd186ff9d0235ead9674d86325248b9d7edb67593e1f1bd24e3647932b7dbd8a3d470872d6c12f3d640e25267180efbdc7f3d61861b513ed2a2f15b0d7beac2a32f9b6bb1528537b56877c2670d04583f2e0b2da192708c73f68a265cb8fb3a9a918523ceb71119a5da792fba787df9dd941fab412eff7d05db0bc28e927c496a9a98a195596325ce3c1df353c0dbb340c9ca30a96dd459a1fceab7fa35c229cf95b0655be790db3ff79fd6cc3b5e3db4e0703e7d45a558aa8b9f9ad2d48df9e968b76479463babdfaef53fb203137cf52d0a32993b2f28aab31af6953d21813e9d834c717d53ef29deae6160389a04245d3e85f0573a01464e80fe9ccfb0881618c6dfad89f29d7bac500006ac742ab9abe9f45d3163c5ece630e4be1a12d61a59ad10dc9385d4300ee7d6c17fc8b8fec91365728924f599c8c9846923c76cbaecefe1fda52a2aca75c1867c364a3107ab54ec6cbbb3b311be9ce1a5377d9f0ec52af43a824258f7da6653f172b7a09aa15a6a359165642f393f29904c49c7582293874e0f2b96d01adef9dad10173e69500ec6f5e91baec6b90656d695d29c6e51438c00fe806508faa21aa324acf0a4e171ac4f3e306deb608c497ca6639e7fce73cf9a93cd7653b38cf241650fd60bee4cd5be6573a91944acde5b61fc3d1b8c84786d5beeffee0ecd507ea7c6f966edbfdac2d6ec0c5b0162fe963b4af5407da1438e60b4dda4d7184b641e6bbdebb76686da1ab2f259772f0f4a7a1baac72caab151fc4d893ac9b69f3233a8e23472b24383ecfd2ffe2d3dd050b6a9d56406a929761be4f397283b888c2f455b94a0982200c365c81bd4d5910cd0b57038daaf1efa1a58d1a5f45cf34eef1548cc43bbed52c3f663c5b53980bcd4b5b740a2988d647853ca4128ba7419f48264795841aa29f4dfe39c176ec75c593a5a28201b23ef4954722642df77271c19d57d112b6cb319c5bfcdab607daa56ce4609071e6d1d60d88e058e6c33c14c344ce07a7296bf92741b270fec661a15fbb97f8607927bf0b2577af879d8dc069608d9ce971b55a2e5fece997e60ac9134c0547d436e53c09adb76587e36b47a0688fc546585add3fb5d97ae84358433ad024951ff0afa94c8bde1bd724f4082496e8b6a563e645476e8caea230a714a4782ca7949ca18b2ef9b1ad4334159f0f8efa94c65be9d162059db9711f88394a0b6d7f2ab60c12a9b109d1be540684f8c502ed820722536791734a4303ea46c50cae39d417515b016f7424321518d386492488709b11fb3d1e046e97f5ca090b0212377682c0cdc91874fa48f222bff79b50f76f6d6df2a8a706bf46d32ff010cf6282c64d380d899336622ea77992460685bafaa777373a3cc12081760f86dc1b66628ef638968ff75c906ad9986214455098e4cfd8b979f8900714f406ebe92f45a1d5a9819d617fef960a411855991d9a1d61982ac842e764c0291eadd281886477023f0196b5a4f112490c59a8419a8f08637ad607e4de2029e8bcdb13cbf64fb0fe2b38a534464f7883aa1a23843be707a440ca104bf3aac7dd2d97c94e6496d5a9fe42f41f3d530e3e28616ef529c7e4e89858b742cf497cc2b3fca73fa437cd989727e62bfa3e0fb4372624d5e953da5e0d56212d0052480137208270dc8a8f1a07fcd04a7690872620b8bf5ec44c1bb9978ef62a4ad6c15459bf2e16fa28fae85e0e1380c2064b8e7ac220459d949d409b7a7874c6ee8afb3975c5edbb11ae42d1effc73df4e4dc7c31557ac24b1eb7d31958694c8b9d27ddf9e2c07b7c8514b23c46d009c5cbeff8666c88841015858a0da1df95e5aa59ee5e7853af9ae0b03336e375123404a83663371164f8f0ca06d3829d86714f0d8aaadb964d993ef828b3ae22c5b8da8c7767d447358923822b4866704202fe65f8d742e6f8a82bb3e8a7cd4be035831ab48743832de29dc2d03dc81aaf9b73b52976c9b3f19bfe6d49842a54321ea20a1b6bb203d275bdc307fdc6e55b8a8e1405b4bcb9d0190e7770098841bdfad957c16d630116b7050ea03d95fd5e73001a7af5902cbcc4477d2c5aa38a8341c94165bddb8f419e7ab020ab176a5f30d4a4e78c1872cf3d769b591f67ce8e9ea219f140dfb0f1143814a54cc2c1b774de64392cc2159bf5b286d3dfe5e9e08c302c49f9f96c757ae37bfb8156c14065ba2912e777698eac3c7a591ad64b02fc1894d18772d8cc0b4a8b37b6aa9741344c1c093ec108d7db11d02d803c72134f87ec9710dc2ffb57177be5b44b3dabd62a19cce616674b8fa68e1a351e7e6f4b73a2877e30d4c09a7e4546952bfbb22c4824f581af5c096552c1b2f9a91259c0b0147ac3fad36ce222361aa9f2683644bd2dd7cc987168dd85a08692411b5a4302c8b5a7fd007850935284111e477c5a68bc314df2594a7411a4f2cf8f99c28f66e29081e4e2c92b02c0f2b7ded07f1b0df4812021d5d2be6804229f1dd70e303c281759d977080ce35760bb3247c3a32ec58bf977ed799a05d89462416a2abff7406fb522ae5a6db15bffb3429a974ca185b84ceb591f0529695cecc962e1b51ea1d544fbc132c8804622009222a9fbabcc2c2dd65e89d6ff779a278de88c2610c84d6ea99343e682f4e985e9890da07755e689d1579c707bc9a82c8444f377c62280296e9a875105208bcc04b45419955200ffc1d07fa15ab18c2a0a4e3fb6c47e883c931454fa3f699545872f9398ce4abf565a486c9bea5ae9b8dcb81100c12485ac03de0a9c5fa0e8fd02932e58b8fbaff88ef5a8a4148bfa415cfe8d0f651d3374c1103be836e1d2cada2f35463490595a45d68eb7984c451d0c10ff212519504324045b80817ff1f98469519c5431dcd413b99016845350f90ce042ad0af022fefa8ea48ea8b6162a6f9fed2ada7235ffe1ef72a1eaedb6a33dc5dc609e073393dc2cf799b54a0474471893c66a063dedb7bb0ea963d96599cf20b15c059d1d0bdec762b1eb94b46ce9356d5a9a49e50f744589066d56c4df7fca053ddcb15fdfe656c28fec675b0efdd4babd90e909f792ed46c3cb6e3b620717b06cae66e983d88ddbba3c926826b14b728bd2ddbd59357aef76ca6ce9c1b79a6f2b85655b9b76559f7417c00f24f6789e4b2a9e0aac135f6da12a79e6076b71dea1fb3079d0cd5f8026e95b11264d1f2ad5346aaee2d0da859ea9f9eb7bed33efe55abf64542db2c8a0edb2f647853265ac4efcd5f8b49cd1d13118024304deac646509e9d9d48c1a237908646f40893aab593c3e25484502b6239b7595c4222f541d6b041ae2bb0a7572ed959573bcd0ea552f376569aeeb6f9de7d9224b5558dfee81501754cfc7e200d49497e192d3d011919684f95861789a800705c703e5549afa0f17bddeb34a626d1a076a0716b6b3850e4b39055bfbf949442461ef99d95f662df5b8d5b5d709fd7edd84b1135c38da94bfd26264cb31c6b9f61f4d718344203c56ec8961626bb3e2c34ab54ae6817bef3ce312c60b4dcffc9379e9e0546daac779469aa072d1a635fabbcf8b73f40c304ba13cf0ead875751b648cd5ff53bc9741f735c4c4f83f3f72ab70ccbe301a05ce9c8a5ea2fbd76bc30fa64326c0d498e9d6bf3931822a0514d633276550050278cf8d202eaf7359c16ddd88afc89cb10f45843d499806665fc4f97863e476c549e16162a2c1c80a91b662ddf5f3b5626b79c53f6cef9fd15d8b9ce1ad01cb5563c0e4e64c3551cd9178243fdec0448091139dd70a2ea0ba66a5b43ebfd6d0f9f0f720709e28190047dd4677b4cde728ea68309f11360dbd9b3d05a5f3df8d53e5b0c78f29b06f973dfe461d28e945d663874524505ff623932b7c980bdd393fb0ac759fcec93093529d5ff317a7d14bd583b592b262a8deea7834a7814d77925a668d5e7be10d184d126c3c39daed8018c98cf72d8d40ac3666e708b8cd0115dcbcd6ac9f31e200f70d1aac52139ba57c143c0e66630b0c524b9de16db4cb70ac39346053ab78217096a4d52295d9d5dfc85fa41979b099a6e088a2bd0a677f91d9cb22d73383724383b4eec31358cae30caa125055c80f8fd41c0f1ce2d9ae17084ba67074e1d2e63c37f146b6eb9539ffdb185f54a9c10e1ab2df991b0e69d8d61643faa5a4467e98c5184c2adaebdcabf1a5f37bbdbe7404ae20ccd3f55c928943902d091f2ff8e095e584853f94b8a588a98ffe450788c0d2163eb", 0x1000}], 0x3, 0x9) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)={0x28, r4, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000040)={0x0, r7, 0x7, 0x4, 0x4}) [ 635.391969][ T27] audit: type=1800 audit(1591289324.010:1337): pid=17174 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16382 res=0 [ 635.434836][T17174] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:44 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0xf}}}, 0xf8}}, 0x0) 16:48:44 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, r3, 0x0) r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000011000/0x2000)=nil) shmat(r5, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_LOCK(r5, 0xb) shmctl$SHM_UNLOCK(r5, 0xc) shmctl$SHM_LOCK(r5, 0xb) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000180)={0x1ff, 0x4, 0x4, 0x400, 0x0, {r7, r8/1000+60000}, {0x5, 0x2, 0x3, 0x1, 0xb6, 0x7f, "8ff90ae1"}, 0x7, 0x3, @fd, 0x3ff, 0x0, r3}) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r9, 0xc018620c, &(0x7f0000000100)) dup3(r6, r4, 0x0) ioctl$SOUND_MIXER_WRITE_RECSRC(r6, 0xc0044dff, &(0x7f0000000000)=0x5) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)=ANY=[@ANYBLOB="0600000027c377497c0f055617bcd640bb0c73c222e16f9cc2cffdf5c08ba1e053c9be3d098d8a6e6ccedf0b976fe9d6343c31a0dfda27daee169a43b99dc36cb937d537d3dc8194c71cf1193ce668542ee9fc8c710f270801c4957debb5233db5c2279f58e407c0009d85da91e09c28da1ce3f18a7611cbab8ccc31529e1a8c2bf9fcb2af5d", @ANYRES16=r10, @ANYBLOB="030700000000000000000100000004000180100002800c0001800800010003000000"], 0x28}}, 0x0) [ 635.519576][T17174] attempt to access beyond end of device 16:48:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x9000aea4, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 635.560667][T17174] loop5: rw=2049, want=6434, limit=52 [ 635.591135][T17181] attempt to access beyond end of device [ 635.596798][T17181] loop5: rw=0, want=6434, limit=52 [ 635.645784][ T27] audit: type=1800 audit(1591289324.260:1338): pid=17181 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:44 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x60}}}, 0xf8}}, 0x0) 16:48:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000efaa"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xc1, 0x0, 0xa000000}]}) 16:48:44 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xff0f}}, 0x18) [ 635.730760][ T7238] minix_free_inode: bit 1 already cleared 16:48:44 executing program 4 (fault-call:4 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:44 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}}, 0x0) [ 635.891198][ T27] audit: type=1800 audit(1591289324.510:1339): pid=17210 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15801 res=0 [ 635.928011][T17210] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:44 executing program 0 (fault-call:4 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:44 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000200)='fou\x00') sendmsg$FOU_CMD_GET(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001140)={0x34, r3, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev}, @FOU_ATTR_PEER_PORT={0x6}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e23}]}, 0x34}}, 0x0) sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x68, r3, 0x100, 0x70bd25, 0x25dfdbff, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x6c}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast1}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @empty}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e22}, @FOU_ATTR_PEER_V6={0x14, 0x9, @empty}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e21}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e22}, @FOU_ATTR_IFINDEX={0x8}]}, 0x68}, 0x1, 0x0, 0x0, 0x2000488c}, 0x8000000) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 635.939993][T17209] FAULT_INJECTION: forcing a failure. [ 635.939993][T17209] name failslab, interval 1, probability 0, space 0, times 0 16:48:44 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x2}}, 0xf8}}, 0x0) [ 636.039391][T17222] FAULT_INJECTION: forcing a failure. [ 636.039391][T17222] name failslab, interval 1, probability 0, space 0, times 0 [ 636.068987][T17209] CPU: 1 PID: 17209 Comm: syz-executor.4 Not tainted 5.7.0-syzkaller #0 [ 636.077329][T17209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 636.087381][T17209] Call Trace: [ 636.090680][T17209] dump_stack+0x1e9/0x30e [ 636.095014][T17209] should_fail+0x433/0x5b0 [ 636.099436][T17209] ? tomoyo_realpath_from_path+0xd8/0x630 [ 636.105156][T17209] should_failslab+0x5/0x20 [ 636.109657][T17209] __kmalloc+0x74/0x330 [ 636.113811][T17209] ? tomoyo_realpath_from_path+0xcb/0x630 [ 636.119531][T17209] tomoyo_realpath_from_path+0xd8/0x630 [ 636.125077][T17209] tomoyo_path_number_perm+0x18f/0x690 [ 636.130569][T17209] security_file_ioctl+0x55/0xb0 [ 636.135505][T17209] __se_sys_ioctl+0x48/0x160 [ 636.140098][T17209] do_syscall_64+0xf3/0x1b0 [ 636.144597][T17209] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 636.150485][T17209] RIP: 0033:0x45ca69 [ 636.154371][T17209] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 636.174143][T17209] RSP: 002b:00007f36a9156c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 16:48:44 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x3}}, 0xf8}}, 0x0) 16:48:44 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x4}}, 0xf8}}, 0x0) [ 636.182549][T17209] RAX: ffffffffffffffda RBX: 00000000004e8480 RCX: 000000000045ca69 [ 636.190516][T17209] RDX: 0000000020000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 636.198482][T17209] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 636.206457][T17209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 636.214421][T17209] R13: 00000000000003d8 R14: 00000000004c68ca R15: 00007f36a91576d4 [ 636.286444][T17222] CPU: 0 PID: 17222 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0 [ 636.286488][ T7238] minix_free_inode: bit 1 already cleared [ 636.294775][T17222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 636.294781][T17222] Call Trace: [ 636.294800][T17222] dump_stack+0x1e9/0x30e [ 636.294815][T17222] should_fail+0x433/0x5b0 [ 636.294833][T17222] ? tomoyo_realpath_from_path+0xd8/0x630 [ 636.294844][T17222] should_failslab+0x5/0x20 16:48:44 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xfff0}}, 0x18) [ 636.294853][T17222] __kmalloc+0x74/0x330 [ 636.294865][T17222] ? tomoyo_realpath_from_path+0xcb/0x630 [ 636.294878][T17222] tomoyo_realpath_from_path+0xd8/0x630 [ 636.294899][T17222] tomoyo_path_number_perm+0x18f/0x690 [ 636.294962][T17222] security_file_ioctl+0x55/0xb0 [ 636.294977][T17222] __se_sys_ioctl+0x48/0x160 [ 636.294994][T17222] do_syscall_64+0xf3/0x1b0 [ 636.295008][T17222] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 636.295018][T17222] RIP: 0033:0x45ca69 [ 636.295028][T17222] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 636.295034][T17222] RSP: 002b:00007f3a1d1c5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 636.295045][T17222] RAX: ffffffffffffffda RBX: 00000000004e8480 RCX: 000000000045ca69 [ 636.295051][T17222] RDX: 0000000020000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 636.295058][T17222] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 636.295063][T17222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 636.295069][T17222] R13: 00000000000003d8 R14: 00000000004c68ca R15: 00007f3a1d1c66d4 [ 636.335055][T17222] ERROR: Out of memory at tomoyo_realpath_from_path. 16:48:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x9}}, 0xf8}}, 0x0) 16:48:45 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffffffffffe, r0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r2, r1, 0x0) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r2, 0xc034564b, &(0x7f0000000100)={0x5, 0x50313459, 0x0, 0x1, 0x2, @stepwise={{0x1, 0xfffffbff}, {0xffffffff, 0x40}, {0x9, 0x1f}}}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e23, @local}], 0x10) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) openat$smackfs_syslog(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/syslog\x00', 0x2, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r6, 0xffffffffffffffff, 0x0) ioctl$SNDCTL_DSP_GETFMTS(r6, 0x8004500b, &(0x7f0000000280)=0x56ec) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$VIDIOC_DBG_S_REGISTER(r8, 0x4038564f, &(0x7f00000001c0)={{0x6, @addr=0x7}, 0x8, 0x1f, 0xe5e}) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 636.486104][T17209] ERROR: Out of memory at tomoyo_realpath_from_path. 16:48:45 executing program 0 (fault-call:4 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:45 executing program 4 (fault-call:4 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xa}}, 0xf8}}, 0x0) [ 636.621085][ T27] audit: type=1800 audit(1591289325.240:1340): pid=17250 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16384 res=0 [ 636.633427][T17250] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 636.694596][T17254] FAULT_INJECTION: forcing a failure. [ 636.694596][T17254] name failslab, interval 1, probability 0, space 0, times 0 [ 636.706825][T17250] attempt to access beyond end of device [ 636.713023][T17250] loop5: rw=2049, want=6434, limit=52 [ 636.719043][T17250] buffer_io_error: 6 callbacks suppressed [ 636.719052][T17250] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 636.736709][T17265] attempt to access beyond end of device [ 636.742925][T17265] loop5: rw=0, want=6434, limit=52 [ 636.748524][T17265] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xf}}, 0xf8}}, 0x0) 16:48:45 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x40000}}, 0x18) [ 636.792647][ T7238] minix_free_inode: bit 1 already cleared [ 636.795232][ T27] audit: type=1800 audit(1591289325.370:1341): pid=17265 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 [ 636.831954][T17254] CPU: 0 PID: 17254 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0 16:48:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 636.840305][T17254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 636.850385][T17254] Call Trace: [ 636.853683][T17254] dump_stack+0x1e9/0x30e [ 636.858019][T17254] should_fail+0x433/0x5b0 [ 636.862445][T17254] ? tomoyo_encode2+0x25a/0x560 [ 636.867309][T17254] should_failslab+0x5/0x20 [ 636.871810][T17254] __kmalloc+0x74/0x330 [ 636.875975][T17254] tomoyo_encode2+0x25a/0x560 [ 636.880654][T17254] ? anon_inodefs_init_fs_context+0x60/0x60 [ 636.886546][T17254] tomoyo_realpath_from_path+0x5d6/0x630 [ 636.892253][T17254] tomoyo_path_number_perm+0x18f/0x690 [ 636.897744][T17254] security_file_ioctl+0x55/0xb0 [ 636.902685][T17254] __se_sys_ioctl+0x48/0x160 [ 636.907279][T17254] do_syscall_64+0xf3/0x1b0 [ 636.911778][T17254] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 636.917676][T17254] RIP: 0033:0x45ca69 [ 636.921566][T17254] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:48:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="030000000000096500000000000600006300060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 636.941169][T17254] RSP: 002b:00007f3a1d1c5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 636.949579][T17254] RAX: ffffffffffffffda RBX: 00000000004e8480 RCX: 000000000045ca69 [ 636.957553][T17254] RDX: 0000000020000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 636.965524][T17254] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 636.973495][T17254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 636.981476][T17254] R13: 00000000000003d8 R14: 00000000004c68ca R15: 00007f3a1d1c66d4 [ 637.083447][ T27] audit: type=1800 audit(1591289325.700:1342): pid=17279 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16384 res=0 16:48:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x60}}, 0xf8}}, 0x0) 16:48:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x2, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 637.125100][T17288] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 637.155986][T17254] ERROR: Out of memory at tomoyo_realpath_from_path. 16:48:45 executing program 0 (fault-call:4 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:45 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x80000}}, 0x18) 16:48:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x2fc}}, 0xf8}}, 0x0) [ 637.326276][ T7238] minix_free_inode: bit 1 already cleared [ 637.367002][T17305] FAULT_INJECTION: forcing a failure. [ 637.367002][T17305] name failslab, interval 1, probability 0, space 0, times 0 [ 637.435591][T17305] CPU: 0 PID: 17305 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0 [ 637.443931][T17305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 637.454855][T17305] Call Trace: [ 637.458150][T17305] dump_stack+0x1e9/0x30e [ 637.462486][T17305] should_fail+0x433/0x5b0 [ 637.466915][T17305] ? kvm_arch_vcpu_ioctl+0x1944/0x4040 [ 637.472378][T17305] should_failslab+0x5/0x20 [ 637.476879][T17305] __kmalloc_track_caller+0x72/0x320 [ 637.482167][T17305] memdup_user+0x22/0xb0 [ 637.486412][T17305] kvm_arch_vcpu_ioctl+0x1944/0x4040 [ 637.491703][T17305] ? kvm_vcpu_ioctl+0xff/0xa60 [ 637.496475][T17305] kvm_vcpu_ioctl+0x550/0xa60 [ 637.501161][T17305] ? kvm_vm_ioctl_get_dirty_log+0x650/0x650 [ 637.507045][T17305] __se_sys_ioctl+0xf9/0x160 [ 637.511636][T17305] do_syscall_64+0xf3/0x1b0 [ 637.516147][T17305] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 637.522037][T17305] RIP: 0033:0x45ca69 [ 637.525933][T17305] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 637.545569][T17305] RSP: 002b:00007f3a1d1c5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 637.554113][T17305] RAX: ffffffffffffffda RBX: 00000000004e8480 RCX: 000000000045ca69 [ 637.562088][T17305] RDX: 0000000020000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 637.570061][T17305] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 637.578032][T17305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 637.586000][T17305] R13: 00000000000003d8 R14: 00000000004c68ca R15: 00007f3a1d1c66d4 [ 637.598328][ T27] audit: type=1800 audit(1591289326.120:1343): pid=17329 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16364 res=0 [ 637.627091][T17329] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x10, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:46 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x300}}, 0xf8}}, 0x0) 16:48:46 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xc0000}}, 0x18) [ 637.779673][ T7238] minix_free_inode: bit 1 already cleared 16:48:46 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x43b}}, 0xf8}}, 0x0) 16:48:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r10 = fcntl$dupfd(r9, 0x0, r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000004c0)=ANY=[@ANYRES16=r1, @ANYBLOB="570fd4dc4c55d18c88c00de0fe76ed97e85dc96c1318aa610bd9a45ade767c8949aeca46475d289edea71c05b0cd121528c3163ff3150728b0d8dc72a150a83c5f49aa0c45112cc758431ffb84fd5d1fe3e2746a388fc3e588430468e14734e6369e558f33844ec8915636351424e129e664b0ebc6607424d2b79d12f26d88c2c99ae50f8e32d12b7569329cc5c060216453020a95e7160ad07b1f780240f56ce16ca79e82aa1b24f1c059f665f5b711adad5c8dfd605c1d1b8cde3a8f7e1b3856f4e1760704f5cf92a715d66cb646", @ANYRESOCT=r7, @ANYBLOB="9dd84be5bc43a0c9cc79f659e1240d3d05858680993e09df5f89980e4462eb44b0b17bad334115c29f8af26c64534c62192341a8a0877040aad250db12fbe0793f66b4b9512dcff73d7dfa51283dcc76bd3c8b65996063179fdeff35", @ANYRES16=r10, @ANYRESHEX=r5, @ANYRESOCT=r1, @ANYRES16=r5]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4c01, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:46 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x900}}, 0xf8}}, 0x0) [ 637.984517][T17359] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 638.069108][T17359] attempt to access beyond end of device [ 638.118539][T17359] loop5: rw=2049, want=6434, limit=52 16:48:46 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xa00}}, 0xf8}}, 0x0) [ 638.165389][T17359] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 638.217979][T17377] attempt to access beyond end of device [ 638.228309][T17377] loop5: rw=0, want=6434, limit=52 [ 638.245458][T17377] Buffer I/O error on dev loop5, logical block 3216, async page read [ 638.326519][ T7238] minix_free_inode: bit 1 already cleared 16:48:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:47 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xf00}}, 0xf8}}, 0x0) 16:48:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x541b, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:47 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x100000}}, 0x18) 16:48:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="0300ff00723bf7c8fa215a809f2b820700007f00060000e3b3dc69cfce0819ee000070000000001e000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000900000000008304000000c4bab899950000000000f8ea0000a5e8"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000140)=[@in6={0xa, 0x4e20, 0xffffffff, @mcast1, 0x7}]}, &(0x7f0000000180)=0x10) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x79, &(0x7f00000000c0)={r6}, 0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000180)={r6, @in6={{0xa, 0x4e23, 0x1, @loopback, 0x9}}}, 0xfffffeb1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$HIDIOCGUCODE(r4, 0xc018480d, &(0x7f0000000100)={0x2, 0x1, 0x2, 0xbba, 0x3, 0x8}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r8, 0x10e, 0x8, &(0x7f0000000040)=0x401, 0x4) 16:48:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x2, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:47 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x3b04}}, 0xf8}}, 0x0) [ 638.523276][T17404] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 638.603074][T17404] attempt to access beyond end of device 16:48:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5421, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 638.670193][T17404] loop5: rw=2049, want=6434, limit=52 [ 638.706416][T17404] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:47 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x6000}}, 0xf8}}, 0x0) 16:48:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x10, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) fchmod(r3, 0x96) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r5, 0x0, r5) ioctl$FS_IOC_GETFLAGS(r5, 0x80086601, &(0x7f0000000000)) ioctl$EVIOCGKEYCODE_V2(r4, 0x80284504, &(0x7f0000000100)=""/35) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) getsockopt$inet6_dccp_buf(r7, 0x21, 0x6fded15b06adfbc3, &(0x7f0000000140)=""/201, &(0x7f0000000240)=0xc9) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 638.753059][T17425] attempt to access beyond end of device [ 638.766712][T17425] loop5: rw=0, want=6434, limit=52 [ 638.800595][T17425] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:47 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xfc02}}, 0xf8}}, 0x0) 16:48:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5450, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4c01, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:47 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x327546}}, 0x18) [ 638.997150][ T7238] minix_free_inode: bit 1 already cleared 16:48:47 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x34000}}, 0xf8}}, 0x0) 16:48:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x541b, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x7, 0x6, 0x201, 0x0, 0x0, {0x301c8dca1dfd835e, 0x0, 0x4}, [@IPSET_ATTR_FLAGS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4000084) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000601007f00060000e3b3dc69cfce0819ee000001000044acd0ce3244e1000000"]) perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000480)=ANY=[@ANYRESDEC=0x0]) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x1, 0x0, 0xfe, 0x0, 0x0, 0x11014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_bp={&(0x7f0000000400), 0xc}, 0x8000, 0x20, 0x1, 0x0, 0x0, 0x7f, 0x200}, 0xffffffffffffffff, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r6 = getpid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) getsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000440), 0x10) sched_setscheduler(r6, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f0000000380)={0x1, 0x70, 0x1, 0x4, 0x0, 0x7, 0x0, 0x8, 0x20, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x2, @perf_config_ext={0x1, 0xff}, 0x0, 0x4, 0x2, 0x9, 0x1, 0x8f, 0x1}, r6, 0x5, r4, 0x8) dup3(r5, r4, 0x0) getsockopt$inet_udp_int(r5, 0x11, 0x66, &(0x7f0000000000), &(0x7f0000000240)=0x4) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xf000, 0xf000, 0x8, 0xfe, 0x0, 0x5, 0x1, 0x81, 0xff, 0x1, 0x9, 0xfa}, {0xf000, 0xf000, 0xb, 0x6, 0x5, 0x40, 0x2, 0x81, 0x1, 0xbe, 0x1, 0x7f}, {0x0, 0x5000, 0xb, 0x9, 0x8, 0x81, 0xc5, 0x5, 0x2, 0x2, 0x3, 0x3}, {0x5000, 0x4000, 0xa, 0x2, 0x30, 0x1f, 0x4, 0x40, 0x3, 0x20, 0xff, 0xc2}, {0x6000, 0x3000, 0x8, 0x3, 0x6, 0x20, 0x3, 0xa6, 0x8, 0x9, 0x0, 0x40}, {0x1000, 0x2c00a, 0x0, 0xcb, 0x4, 0x65, 0x80, 0xff, 0x5, 0x91, 0x7, 0x8}, {0x4000, 0x0, 0xa, 0x80, 0x3f, 0x60, 0x1, 0x80, 0x2, 0x80, 0x5, 0x4e}, {0x4, 0x10000, 0x0, 0x0, 0x0, 0x1f, 0x5, 0x5d, 0x8, 0x80, 0xf9, 0x20}, {0x1, 0x9}, {0x10000, 0x3}, 0xc0010014, 0x0, 0x1000, 0x112, 0xb, 0x200, 0x1000, [0x7fff, 0xfffffffffffffff8, 0x2, 0x10001]}) [ 639.196705][T17496] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5451, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 639.249981][T17496] attempt to access beyond end of device 16:48:47 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x400300}}, 0xf8}}, 0x0) [ 639.298060][T17496] loop5: rw=2049, want=6434, limit=52 [ 639.352690][T17496] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5421, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:48 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x1000000}}, 0xf8}}, 0x0) [ 639.450307][T17529] attempt to access beyond end of device [ 639.474754][T17529] loop5: rw=0, want=6434, limit=52 16:48:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5452, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 639.521684][T17529] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:48 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x1000000}}, 0x18) [ 639.621394][ T7238] minix_free_inode: bit 1 already cleared 16:48:48 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x2000000}}, 0xf8}}, 0x0) 16:48:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5450, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5460, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 639.772184][ T27] kauditd_printk_skb: 6 callbacks suppressed [ 639.772193][ T27] audit: type=1800 audit(1591289328.391:1350): pid=17562 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16383 res=0 16:48:48 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x3000000}}, 0xf8}}, 0x0) [ 639.814097][T17567] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:48 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x4000000}}, 0xf8}}, 0x0) [ 640.006449][ T7238] minix_free_inode: bit 1 already cleared 16:48:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)) 16:48:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5451, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:49 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x2000000}}, 0x18) 16:48:49 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x9000000}}, 0xf8}}, 0x0) 16:48:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x6364, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 641.010310][ T27] audit: type=1800 audit(1591289329.631:1351): pid=17624 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16348 res=0 16:48:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000000)={0xc4, 0x31, 0xffffffff, 0x9}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000020082046d1f9a406c670000000000000004"]) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r8, 0xc0096616, &(0x7f0000000100)={0x2, [0x0, 0x0]}) [ 641.056674][T17624] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 641.082088][T17624] attempt to access beyond end of device [ 641.094609][T17624] loop5: rw=2049, want=6434, limit=52 16:48:49 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xa000000}}, 0xf8}}, 0x0) [ 641.104319][T17624] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 641.138223][T17649] attempt to access beyond end of device [ 641.143877][T17649] loop5: rw=0, want=6434, limit=52 16:48:49 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x2040000}}, 0x18) 16:48:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5452, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 641.150706][T17649] Buffer I/O error on dev loop5, logical block 3216, async page read [ 641.160537][ T27] audit: type=1800 audit(1591289329.781:1352): pid=17649 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) setsockopt$llc_int(r5, 0x10c, 0x6, &(0x7f0000000000)=0x9, 0x4) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8933, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 641.216804][ T7238] minix_free_inode: bit 1 already cleared 16:48:49 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xf000000}}, 0xf8}}, 0x0) 16:48:50 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x3b040000}}, 0xf8}}, 0x0) 16:48:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5460, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 641.374137][ T27] audit: type=1800 audit(1591289329.991:1353): pid=17692 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16384 res=0 [ 641.412793][T17692] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 641.436651][T17692] attempt to access beyond end of device [ 641.443074][T17692] loop5: rw=2049, want=6434, limit=52 [ 641.456567][T17701] attempt to access beyond end of device [ 641.462475][T17701] loop5: rw=0, want=6434, limit=52 [ 641.468114][ T27] audit: type=1800 audit(1591289330.081:1354): pid=17701 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x75747}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc, 0x1, 'macvtap\x00'}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x3c}}, 0x0) connect$can_j1939(r3, &(0x7f0000000000)={0x1d, r5, 0x0, {0x0, 0x0, 0x4c2652336fc3e3e0}, 0xfe}, 0x18) r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r7, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:50 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x3000000}}, 0x18) 16:48:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xae01, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:50 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x60000000}}, 0xf8}}, 0x0) [ 641.609425][ T7238] minix_free_inode: bit 1 already cleared 16:48:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$TIPC_SOCK_RECVQ_DEPTH(r2, 0x10f, 0x84, &(0x7f0000000000), &(0x7f0000000100)=0x4) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000011400000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:50 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x9effffff}}, 0xf8}}, 0x0) 16:48:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x6364, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 641.757635][ T27] audit: type=1800 audit(1591289330.371:1355): pid=17738 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16381 res=0 [ 641.785478][T17738] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 641.850899][T17738] attempt to access beyond end of device 16:48:50 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xefffffff}}, 0xf8}}, 0x0) [ 641.940092][T17738] loop5: rw=2049, want=6434, limit=52 16:48:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xae41, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 642.003505][T17738] buffer_io_error: 2 callbacks suppressed [ 642.003514][T17738] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) fchmod(r8, 0x101) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) write$P9_RMKNOD(r5, &(0x7f00000001c0)={0x14, 0x13, 0x2, {0x4, 0x0, 0x4}}, 0x14) r9 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r9, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x1412, 0x2, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x24008000}, 0x448c0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)) 16:48:50 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xf0ffffff}}, 0xf8}}, 0x0) [ 642.111931][T17785] attempt to access beyond end of device [ 642.146835][T17785] loop5: rw=0, want=6434, limit=52 16:48:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8933, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:50 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r2, r1, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46010, 0x7f773fbc9aeef492, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0xc77a}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000824c47009700000c0000e90701006b0e"]) [ 642.164178][T17785] Buffer I/O error on dev loop5, logical block 3216, async page read [ 642.193879][ T27] audit: type=1800 audit(1591289330.811:1356): pid=17785 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:50 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x4000000}}, 0x18) 16:48:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xae80, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:50 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xfc020000}}, 0xf8}}, 0x0) [ 642.317760][ T7238] minix_free_inode: bit 1 already cleared 16:48:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xae01, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:51 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xffff0000}}, 0xf8}}, 0x0) 16:48:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000000)={@empty, 0x6, 0x1, 0x1, 0x9, 0x9, 0xfffb}, &(0x7f0000000100)=0x20) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 642.420797][ T27] audit: type=1800 audit(1591289331.041:1357): pid=17827 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15743 res=0 [ 642.431214][T17827] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xae41, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 642.509570][T17827] attempt to access beyond end of device [ 642.515421][T17827] loop5: rw=2049, want=6434, limit=52 [ 642.526907][T17827] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xae9a, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:51 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xffffff7f}}, 0xf8}}, 0x0) [ 642.573235][T17851] attempt to access beyond end of device [ 642.619705][T17851] loop5: rw=0, want=6434, limit=52 16:48:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mice\x00', 0x240600) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000100)={0x0, 0x3}, &(0x7f0000000140)=0x8) [ 642.662099][T17851] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xae80, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xaea2, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 642.702131][ T27] audit: type=1800 audit(1591289331.321:1358): pid=17851 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:51 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xffffff9e}}, 0xf8}}, 0x0) 16:48:51 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x5000000}}, 0x18) 16:48:51 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xffffffef}}, 0xf8}}, 0x0) [ 642.811509][ T7238] minix_free_inode: bit 1 already cleared 16:48:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000000)={0x2, 0x0, [{0x482}, {0x9d5}]}) 16:48:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xae9a, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r2, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r3 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x79, &(0x7f00000000c0)={r4}, 0x8) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000100)={r4, @in={{0x2, 0x4e24, @remote}}, [0x2, 0x4, 0x5, 0x5, 0x2, 0x9, 0x7, 0x4000000000000000, 0x7fffffff, 0x2, 0x100000000000000, 0x0, 0x78, 0x100000000, 0xfffffffffffff801]}, &(0x7f0000000200)=0x100) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) unshare(0x24020400) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r7, 0x4040ae79) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000000000000e50b00000000000000000000000000009ac58974f397075cd6c14393b22504f4842e4d518bb1bb65f0bf59cdb5bc9daa0621b07a664534c6c4dc44d2a146167e6cb7df7546f5ed1aa5580c7333164505965743bbc24b80e44bf71a"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x100, 0x9, 0x1, 0x5, 0xfffb}) fcntl$dupfd(r8, 0x0, r8) 16:48:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xaea3, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 642.938365][ T27] audit: type=1800 audit(1591289331.561:1359): pid=17920 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15768 res=0 [ 642.971417][T17920] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:51 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0xfffffff0}}, 0xf8}}, 0x0) [ 643.015665][T17920] attempt to access beyond end of device 16:48:51 executing program 1: ioctl$VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x8) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0xb00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 643.075886][T17920] loop5: rw=2049, want=6434, limit=52 [ 643.104364][T17920] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 643.152755][T17936] attempt to access beyond end of device [ 643.165255][T17936] loop5: rw=0, want=6434, limit=52 [ 643.177375][T17936] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:51 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x6000000}}, 0x18) [ 643.248449][ T7238] minix_free_inode: bit 1 already cleared 16:48:51 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}}, 0x0) 16:48:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xaead, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x2}}, 0xf8}}, 0x0) [ 643.414891][T17972] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xaea2, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000000)={0x0, 0x0}) r7 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r8) getresgid(&(0x7f00000001c0)=0x0, &(0x7f0000000200), &(0x7f0000000240)) setsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000280)={r6, r8, r9}, 0xc) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="01000000000000008244000000000000080000000000000045ac84e9e3d10862112160e354df91cb808b479949721c12cc20ffb91a2407ce96452de37914730ff8a5942f7764989af232b176ecefa0c79ba8b906b6ce7eac5443d123ca3b106b3598181973113bb8df958d42448e862af53214941a8a965293d0a70deb4ffd20b54738d40b93077015256de05ebae1ad1860fa09186ba9e6db615313248577343a13ed3cd475d1ac94c63392ea37da46c7d29ba46a5b466eab731bb18ed20609dd6feb57219442e681a1dc0d"]) [ 643.479867][T17972] attempt to access beyond end of device [ 643.501577][T17972] loop5: rw=2049, want=6434, limit=52 16:48:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x3}}, 0xf8}}, 0x0) 16:48:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xaeb7, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 643.571730][T17972] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYRES64=r4]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x1) 16:48:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x4}}, 0xf8}}, 0x0) [ 643.653049][T18013] attempt to access beyond end of device [ 643.674131][T18013] loop5: rw=0, want=6434, limit=52 16:48:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xaea3, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 643.725593][T18013] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000001c0)={0xa, 0x0, [{0xad5, 0x0, 0x2}, {0x920, 0x0, 0x100}, {0x9a9, 0x0, 0x1}, {0x642, 0x0, 0x7fff}, {0x9c4, 0x0, 0x8000000008001}, {0xa19, 0x0, 0x9}, {0x82c, 0x0, 0x9}, {0x1f2, 0x0, 0xc000000}, {0x9a9, 0x0, 0xb33b}, {0xa9f, 0x0, 0x34a27806}]}) 16:48:52 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x6040000}}, 0x18) 16:48:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x40045402, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x9}}, 0xf8}}, 0x0) [ 643.849381][ T7238] minix_free_inode: bit 1 already cleared 16:48:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000180), 0x5}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) ioctl$SIOCPNGETOBJECT(r5, 0x89e0, &(0x7f0000000100)=0x3) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) 16:48:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x400454ca, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xaead, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 643.992351][T18080] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 644.028779][T18080] attempt to access beyond end of device [ 644.071502][T18080] loop5: rw=2049, want=6434, limit=52 16:48:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xa}}, 0xf8}}, 0x0) [ 644.130914][T18080] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r1) getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000100)=""/120, &(0x7f0000000000)=0x78) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xf}}, 0xf8}}, 0x0) 16:48:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000100)=ANY=[@ANYBLOB="03000000000000ef00000000000600007f00060000e3b3dc690000ef00000000000000000000000000435d1b707d604da1cebca1cdc83cc52cdb14930eb5f57960210000a7f99fa50ad9ba88e50b68b292b8271176178e341a0a631987634a36a7392fed4ef8a2a1206794d8b9bcc4ca7a011c2bf9fb57414e1043ac909067416ad7e4b4fe2b723af16f92d9a466d733fd1bd3e4a5a359b0eb80b4c2cf4eb5a599f7f90ecd6937423ad3134d1395b64a0ce8bfb2bc7a2e7d1c7822fa7e3cc86bd693a219bd990678ac5a7913c45a8d30c0c90dc9a2c49a4606269018e616042f21e644961cc4d8853bfb9b6a002f3805000000ddbc95e52710271e027a3e2c39b8c963ad360da84bebefc2bbd9ad4db7a77d6d601ffe5fed23e019a8c3cb8bcdf9e2c6d7b486e7ca1d025caa6dd55cabf0e3e8f27669aab5eaf09c980fd6791e5f5adc3e3d03b23a573f08c0863b7844619b4e5d6fe12b4f856a88f6e52e6a9e8d4061885faefcd7b827ac5454dfd5ea771c4bc0"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 644.239739][T18124] attempt to access beyond end of device [ 644.272004][T18124] loop5: rw=0, want=6434, limit=52 16:48:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x40049409, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 644.292734][T18124] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:53 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x7000000}}, 0x18) 16:48:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xaeb7, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x60}}, 0xf8}}, 0x0) [ 644.399107][ T7238] minix_free_inode: bit 1 already cleared 16:48:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x60001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$vcsu(&(0x7f0000000000)='/dev/vcsu#\x00', 0xfffffffffffff51d, 0x2042) r4 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r4, 0x0) ioctl$NS_GET_USERNS(r3, 0xb701, 0x0) r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r4, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r6, r5, 0x0) ioctl$sock_TIOCOUTQ(r6, 0x5411, &(0x7f0000000180)) r7 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r7, 0x0) r8 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r7, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r9, r8, 0x0) fsconfig$FSCONFIG_SET_PATH(r3, 0x3, &(0x7f0000000100)='posix_acl_access\x00', &(0x7f0000000140)='./file0\x00', r9) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000280)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819020000000000000000000000000000efff29f6ae6d805eb7f9a3636e3e151dbed38aa4538e9c48fd5ca1e6a99cc8447c791e5475ed43e9c4acab2ef63461fe8a86ea9fdc5578fc21ea7aec36c0ee152719c7e2d784e29141550f4e7b7c4fb5d0f92cd9b66ea457fd622ad251434b59c94ebe3f06990377c7578ccfd0ca499b0ee7ec62c0b27c7482b239bd1e1db950ae64c0b153a3cd075226dfb61a40a78feb2f79bbd000"/204]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) listen(r3, 0x20) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff007f000600e300dc69cfce0819ee00000100000000009c1f00ef000000"]) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000380)) r6 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0xfffffffffffffffa, 0xffffffffffff0000}, 0x840, 0x0, 0x0, 0x0, 0xffffffffffff0000}, 0x0, 0x100000000000000, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) socket$caif_stream(0x25, 0x1, 0x2) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r8, 0x84, 0x7, &(0x7f00000001c0), &(0x7f0000000280)=0x4) r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xac, 0xac, 0x2, [@enum={0xf, 0x8, 0x0, 0x6, 0x4, [{}, {0xc, 0x3}, {0xa, 0x200}, {0xd}, {0x7, 0x4e}, {0x4, 0x5}, {0x8, 0xfffffffa}, {0x1}]}, @typedef={0x0, 0x0, 0x0, 0x8, 0x3}, @union={0x5, 0x5, 0x0, 0x5, 0x1, 0x8001, [{0xe, 0x2, 0x430f}, {0x10, 0x5, 0xff}, {0xb, 0x3, 0x81}, {0x0, 0x2}, {0x8, 0x0, 0x1}]}, @typedef={0x2, 0x0, 0x0, 0x8, 0x1}]}}, &(0x7f00000001c0), 0xc6, 0x0, 0x1}, 0x20) r10 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/current\x00', 0x2, 0x0) kcmp(r4, r5, 0x2, r9, r10) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100afffa599435f000000000000221001c0000000000000"]) 16:48:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x2fc}}, 0xf8}}, 0x0) 16:48:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4004ae86, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x400454ca, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x300}}, 0xf8}}, 0x0) [ 644.589250][T18172] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:53 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x8000000}}, 0x18) 16:48:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4004ae8b, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x43b}}, 0xf8}}, 0x0) 16:48:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x40049409, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 644.775008][ T7238] minix_free_inode: bit 1 already cleared 16:48:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r10 = fcntl$dupfd(r9, 0x0, r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(r8, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYRES64=r10, @ANYRESOCT]) 16:48:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x900}}, 0xf8}}, 0x0) 16:48:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4004ae99, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 644.960220][ T27] kauditd_printk_skb: 6 callbacks suppressed [ 644.960228][ T27] audit: type=1800 audit(1591289333.581:1366): pid=18241 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16129 res=0 [ 644.996233][T18241] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 645.020955][T18241] attempt to access beyond end of device [ 645.044629][T18241] loop5: rw=2049, want=6434, limit=52 16:48:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xa00}}, 0xf8}}, 0x0) 16:48:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r6 = dup3(r5, r4, 0x0) r7 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r7, 0x0) r8 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r7, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r9, r8, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r10, 0x0, r10) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000280)=ANY=[@ANYRES16=r0, @ANYRESHEX=r4, @ANYRES32=r6, @ANYRESDEC=r8, @ANYRES16=r10, @ANYBLOB="2960858a5e6d4f3bf5096eaf8fdd0a21f0d13fc31ce0f264413bae3eb782cfc65ced02b057d116e9cb57128a3b0b7058705f6cfe2b2bf3ad8742447ec559f5e0bdbf93ee61501f611877810350f90368ee02b6425485b9113c64d245cd3f774a365cb3ee15fec48de282be8265374b14c03c797f38f35010693d7e05f21d62bd28afd4d779152d6fbb0f523b769e672cd81b0cae053a3253ce6b973464c7796ab902874d7789dd77fecc7a7f4aaa2177faf5ea3aa364b7ad9cb2dc87def713431ce17910ef1e"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:53 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x8800000}}, 0x18) [ 645.087433][T18262] attempt to access beyond end of device [ 645.093746][T18262] loop5: rw=0, want=6434, limit=52 [ 645.100949][ T27] audit: type=1800 audit(1591289333.721:1367): pid=18262 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4004ae86, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 645.154769][ T7238] minix_free_inode: bit 1 already cleared 16:48:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xf00}}, 0xf8}}, 0x0) 16:48:53 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 645.234906][ T27] audit: type=1800 audit(1591289333.851:1368): pid=18286 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15891 res=0 [ 645.289286][T18286] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x3b04}}, 0xf8}}, 0x0) 16:48:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4004ae8b, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae8a, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 645.374071][T18286] attempt to access beyond end of device [ 645.406322][T18286] loop5: rw=2049, want=6434, limit=52 16:48:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xbff}]}) 16:48:54 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x6000}}, 0xf8}}, 0x0) [ 645.453035][T18304] attempt to access beyond end of device [ 645.460675][T18304] loop5: rw=0, want=6434, limit=52 [ 645.482086][ T27] audit: type=1800 audit(1591289334.101:1369): pid=18304 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae90, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 645.579776][ T7238] minix_free_inode: bit 1 already cleared 16:48:54 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x9000000}}, 0x18) 16:48:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4004ae99, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:54 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xfc02}}, 0xf8}}, 0x0) 16:48:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f0006c16414b87ba9997f0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$RTC_PLL_GET(r4, 0x80207011, &(0x7f00000001c0)) getsockname$ax25(0xffffffffffffffff, &(0x7f0000000100)={{0x3, @netrom}, [@default, @null, @bcast, @default, @default, @bcast, @remote, @rose]}, &(0x7f0000000000)=0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f0000000180)={0x8000000, 0x7, 0x1}) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000001c0)=ANY=[@ANYBLOB="03000090000000ff00000000000600007f00060000e3b3dc69cfce0851550000010000000000000000000000ef9da0da4ea1139759a4ee2792eec1bf5b9296bf9fa890711b6ab636710469a7d7baf0551cfe6a4c17fad79d143997a969f7974dd75f3a73adb2bfca993f3feb2fc835399f246ad969c1de63784e62b0bb1d6bdb3006bcda019d1f571d79dfc1f306efe57eed26af75dd497c5248e95869fcfc36607050ef07db56535e6a373ebfd66982cdba2613c55c05f0b482390bf96d8d1305a02bcce1c321388f0cd0358c9caaa41ffde34dfee50be535cc1048bdc4dc14f3733fda3a3d27873cc82944fa5649fdd2f02f6dc6aaed6841c829eff4c69fb0"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r3 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r3, 0x0, 0x2d, &(0x7f0000000100)={0x5, {{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2b}}}}, 0x88) [ 645.696303][ T27] audit: type=1800 audit(1591289334.311:1370): pid=18363 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15985 res=0 16:48:54 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x34000}}, 0xf8}}, 0x0) 16:48:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae93, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 645.746277][T18363] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 645.780742][T18363] attempt to access beyond end of device [ 645.786406][T18363] loop5: rw=2049, want=6434, limit=52 [ 645.836315][T18386] attempt to access beyond end of device 16:48:54 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x400300}}, 0xf8}}, 0x0) 16:48:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000000"]) 16:48:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 645.893563][T18386] loop5: rw=0, want=6434, limit=52 16:48:54 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x1000000}}, 0xf8}}, 0x0) [ 645.940425][ T27] audit: type=1800 audit(1591289334.561:1371): pid=18386 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0xc10000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:54 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xa000000}}, 0x18) 16:48:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae9c, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 646.029437][ T7238] minix_free_inode: bit 1 already cleared 16:48:54 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x2000000}}, 0xf8}}, 0x0) 16:48:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae8a, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 646.130224][ T27] audit: type=1800 audit(1591289334.751:1372): pid=18447 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16115 res=0 16:48:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x301100, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) ioctl$VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000280)={0x100000, 0x6, 0x4, 0x0, 0x7, {r4, r5/1000+10000}, {0x3, 0x3, 0x81, 0x2, 0x80, 0xfb, "b72cd7d4"}, 0x5, 0x2, @offset=0xfffffbff, 0x5, 0x0, r0}) bind$tipc(r6, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x0, 0x3}}, 0x10) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) r9 = openat(r8, &(0x7f0000000100)='./file0\x00', 0x840, 0x1b3) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r11, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r11, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 646.177003][T18447] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000b0c49df514100000000000600007f000600000080dc69cfce0819ee00000100000000000080c0f2987d1b"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000100)=0x0) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r7 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x1}, r4, 0x0, r6, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r7, 0x0) r8 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r7, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r9, r8, 0x0) ioctl$SG_GET_COMMAND_Q(r9, 0x2270, &(0x7f0000000000)) 16:48:54 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xb000000}}, 0x18) 16:48:54 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x3000000}}, 0xf8}}, 0x0) [ 646.301966][ T7238] minix_free_inode: bit 1 already cleared 16:48:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x40186366, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:55 executing program 2: openat$smackfs_cipso(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/cipso2\x00', 0x2, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:48:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae90, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:55 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x4000000}}, 0xf8}}, 0x0) [ 646.440719][ T27] audit: type=1800 audit(1591289335.061:1373): pid=18485 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15843 res=0 [ 646.488043][T18485] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 646.553235][T18485] attempt to access beyond end of device 16:48:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4020940d, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:55 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x9000000}}, 0xf8}}, 0x0) 16:48:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x4000009) socket$can_raw(0x1d, 0x3, 0x1) socket$inet6(0xa, 0x2, 0x0) syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000019c0)={[{@gid={'gid'}}]}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UI_BEGIN_FF_UPLOAD(r3, 0xc06855c8, &(0x7f0000000100)={0x5, 0xfffffc00, {0x53, 0x2, 0x0, {0xf801, 0xc3d9}, {0x5, 0x1}, @const={0x1f, {0x0, 0x401, 0x800, 0x100}}}, {0x55, 0x80, 0xa9cb, {0x9, 0x3f}, {0x7, 0x1ff}, @cond=[{0x2, 0x2, 0x4926, 0x1, 0x7fff}, {0xff, 0x7, 0xc000, 0xfffa, 0x6da, 0xcb5}]}}) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 646.638563][T18485] loop5: rw=2049, want=6434, limit=52 16:48:55 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xc000000}}, 0x18) [ 646.698238][T18521] attempt to access beyond end of device [ 646.704804][T18521] loop5: rw=0, want=6434, limit=52 [ 646.718423][ T27] audit: type=1800 audit(1591289335.341:1374): pid=18521 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:55 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xa000000}}, 0xf8}}, 0x0) 16:48:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r4, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x79, &(0x7f00000000c0)={r6}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000001c0)={r6, 0x61ad, 0x3c7}, 0x8) r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$FBIOPAN_DISPLAY(r9, 0x4606, &(0x7f0000000100)={0x30, 0x80, 0x356, 0x1000, 0x0, 0x3, 0x18, 0x2, {0xffff7ffe, 0x6}, {0x7, 0x7, 0x1}, {0x7e, 0xb5, 0x400001}, {0xfffffffb, 0x8, 0x1}, 0x2, 0x1, 0x9, 0x5, 0x1, 0x10001, 0x1f, 0x7fffffff, 0x2, 0xfffffffc, 0x7, 0x2, 0x4, 0x200, 0x1, 0x5}) ioctl$KVM_SET_CPUID(r7, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="03010000000000ff000000000081daf4fc5cb01ffadf8f7df70600007f00060000e3b3dc6901000819dd0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae93, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 646.786359][ T7238] minix_free_inode: bit 1 already cleared [ 646.871103][T18533] ntfs: (device loop2): parse_options(): Unrecognized mount option . 16:48:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4040ae9e, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae9c, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) bind$unix(r2, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) ioctl$PERF_EVENT_IOC_ID(r3, 0x80082407, &(0x7f0000000000)) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) socket$inet6_udplite(0xa, 0x2, 0x88) 16:48:55 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xf000000}}, 0xf8}}, 0x0) [ 646.991234][T18558] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 647.022677][T18558] attempt to access beyond end of device [ 647.077831][T18558] loop5: rw=2049, want=6434, limit=52 [ 647.084110][T18558] buffer_io_error: 8 callbacks suppressed [ 647.084119][T18558] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x40186366, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 647.119546][T18592] attempt to access beyond end of device [ 647.125555][T18592] loop5: rw=0, want=6434, limit=52 [ 647.138844][T18592] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4040aea0, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:55 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xd000000}}, 0x18) 16:48:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(0x0, 0x0, 0x10000000000, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r7, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:55 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x3b040000}}, 0xf8}}, 0x0) 16:48:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000000)={0x8000, 0x80000001, 0x1efa, 0xff, 0x14, 0xdb2}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYRES16]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) [ 647.271973][ T7238] minix_free_inode: bit 1 already cleared 16:48:55 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x60000000}}, 0xf8}}, 0x0) 16:48:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4020940d, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4048ae9b, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r5, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000240)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r6 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x79, &(0x7f00000000c0)={r7}, 0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000000)={r7, 0x4}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000140)={r8, @in6={{0xa, 0x4e20, 0xd3, @private1={0xfc, 0x1, [], 0x1}, 0x3f}}}, &(0x7f0000000200)=0x84) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:56 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x9effffff}}, 0xf8}}, 0x0) [ 647.462204][T18648] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 647.509007][T18648] attempt to access beyond end of device [ 647.525045][T18648] loop5: rw=2049, want=6434, limit=52 16:48:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4040ae9e, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 647.607651][T18648] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 647.641306][T18685] attempt to access beyond end of device [ 647.651496][T18685] loop5: rw=0, want=6434, limit=52 16:48:56 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xefffffff}}, 0xf8}}, 0x0) 16:48:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4068aea3, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 647.656636][T18685] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:56 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xe000000}}, 0x18) 16:48:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x810, r0, 0x180000000) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f00000006c0)={0x0, @initdev, @remote}, &(0x7f0000000700)=0xc) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r4, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000240)={{{@in=@initdev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private0}, 0x0, @in=@empty}}, &(0x7f0000000000)=0xe8) sendmsg$xdp(r8, &(0x7f0000000680)={&(0x7f0000000040)={0x2c, 0x2, r9, 0x39}, 0x10, &(0x7f0000000600)=[{&(0x7f0000000340)="6ba150bbf96f2cb57fa755d4c4b3e024532e4f8219aa883f3ad183748afc4f3b53ffe026cac5dd14b2f810f18aa3228180d1f988af759d31dfb36f49b68896cb235a700fb1ab8b3d1f155f059095039ad44360fb9f69d6b45682b144b68ecb6a2d2182d1af8b7d066ed09bc057ddcdfad73816e456dc15e8", 0x78}, {&(0x7f00000003c0)="8dce9102962c13dec383894526e1ee5603e5f36da8df4e45eb624f41e962e27d7e1ce2daf102b7acd5af9208e4c39497f5a44350b273c8edbdd468ed11124173f365c6cbed402cd80687c18f21f136d479cbe47e619d28a8a14551d4ad348d37a9b58ba1c61597bccb2d061556b2e5f5d37b83b54fdefa", 0x77}, {&(0x7f0000000100)="a27111e12b4190f023e1660bc02ee6fc9d0c89f7f8467bee9442da", 0x1b}, {&(0x7f0000000440)="f5ccfe5a4ff67effc1f6f1a1db823e82ca1752e2db6ee53de412137ecc200d33d2a54444b8b1c8a2cc43cece96426b2f528fa451b7b3a1331e2b412f96a31db794c083eb12901b5dbc6fec14fd", 0x4d}, {&(0x7f00000004c0)="6e57adfa1bdb31a62f811cc011cadde804f9623b9ed4a1a19581714fe9b25eb8e4fdbc4d2ecd98335ffdcb15e591d65ffd6b6eb378d69d031af90c4b447d30778d8d7bea47902f6670c2f407f3440962a5cb17e71a7deef6d2f95580d283af5304bb3b3dcc40261d698c6d829ceefd72b0", 0x71}, {&(0x7f0000000540)="e03489c12efc19e6732121f8bf5257c9ebcdce78dc9ecc64c5820e6a9b074c997b063641a38c4838d4a255", 0x2b}, {&(0x7f0000000580)="17517a740b5af47fbd1ab1a0e46f043ffa5ee371cd168fd5cdc647e971053e7b5fe5cd03a169a1c31acc4200f1f2329d1d49aeec13d89789d4f4d486ceebcf152021cf16a297b4c912ed75b3c95214aebff20facc8bf81a8bcba9a37f4d9b003ed386abae6f022705010672c", 0x6c}], 0x7, 0x0, 0x0, 0x40}, 0x804) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000000000083040000000000000000000000000000936917a029e74553e704e9654b1410c0e834556f417b09501590307cac8208b870fa70533910ec38cbd434b57d364ce324141ff89b682f45036944c6da9f41eab3d030002129ef7fd508e711904b4bf73d0288c0b69c05904c6ed9c8e4385e07ab660dabb3d3be15b99c996d9a57a0492d0dd3874c28fee5054e6a546c342deb571240e26a5e9c7fc4a1ebaa2169a632d08ebf29b26434c3c44fbbed8b888c00"/199]) 16:48:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff000400060000e3b3dc69cfce0819ee0000010008000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 647.779566][ T7238] minix_free_inode: bit 1 already cleared 16:48:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4040aea0, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:56 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xf0ffffff}}, 0xf8}}, 0x0) 16:48:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4080aea2, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 647.902615][T18720] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 647.935351][T18720] attempt to access beyond end of device [ 648.012555][T18720] loop5: rw=2049, want=6434, limit=52 [ 648.072750][T18720] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:56 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xfc020000}}, 0xf8}}, 0x0) 16:48:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r3, 0x0, r3) r4 = pidfd_getfd(0xffffffffffffffff, r3, 0x0) bind$llc(r4, &(0x7f0000000000)={0x1a, 0x339, 0x8, 0x5, 0x14, 0x8, @remote}, 0x10) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:48:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = socket$kcm(0x10, 0x2, 0x10) r8 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x68, r8, 0x8b8e0eb13081c495, 0x0, 0x0, {{}, {0x0, 0x4109}, {0x3, 0x18, {0x0, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0) sendmsg$TIPC_CMD_SHOW_PORTS(r6, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, r8, 0x800, 0x70bd27, 0x25dfdbfc, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x40008c1) sendmsg$TIPC_CMD_DISABLE_BEARER(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x2c, r8, 0x8, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @udp='udp:syz0\x00'}}, ["", "", "", "", "", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0xc044001}, 0x4008080) [ 648.144895][T18760] attempt to access beyond end of device [ 648.175138][T18760] loop5: rw=0, want=6434, limit=52 16:48:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4048ae9b, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 648.189591][T18760] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4080aebf, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:56 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x10000000}}, 0x18) 16:48:56 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xffff0000}}, 0xf8}}, 0x0) [ 648.298828][ T7238] minix_free_inode: bit 1 already cleared 16:48:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x900, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) ioctl$SOUND_PCM_READ_BITS(r3, 0x80045005, &(0x7f0000000100)) syz_init_net_socket$x25(0x9, 0x5, 0x0) [ 648.391905][T18806] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 648.412479][T18806] attempt to access beyond end of device [ 648.426667][T18806] loop5: rw=2049, want=6434, limit=52 16:48:57 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x11000000}}, 0x18) [ 648.436506][T18806] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 648.459022][T18815] attempt to access beyond end of device [ 648.464792][T18815] loop5: rw=0, want=6434, limit=52 [ 648.472342][T18815] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4090ae82, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4068aea3, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:57 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xffffff7f}}, 0xf8}}, 0x0) [ 648.507889][ T7238] minix_free_inode: bit 1 already cleared [ 648.630001][T18836] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 648.653413][T18836] attempt to access beyond end of device [ 648.666090][T18836] loop5: rw=2049, want=6434, limit=52 [ 648.680059][T18836] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:48:57 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xffffff9e}}, 0xf8}}, 0x0) 16:48:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r6, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r6, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r7 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r6, 0x84, 0x79, &(0x7f00000000c0)={r8}, 0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000100)={r8, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x34}}}, 0x8000, 0x4, 0x0, 0x7, 0x20, 0x10001}, 0x9c) [ 648.740920][T18847] attempt to access beyond end of device [ 648.792111][T18847] loop5: rw=0, want=6434, limit=52 16:48:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4138ae84, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4080aea2, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:57 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xffffffef}}, 0xf8}}, 0x0) [ 648.828773][T18847] Buffer I/O error on dev loop5, logical block 3216, async page read 16:48:57 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x12000000}}, 0x18) [ 648.954747][ T7238] minix_free_inode: bit 1 already cleared 16:48:57 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0xfffffff0}}, 0xf8}}, 0x0) 16:48:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4188aea7, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 649.075858][T18898] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 649.090355][T18898] attempt to access beyond end of device [ 649.096147][T18898] loop5: rw=2049, want=6434, limit=52 16:48:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4080aebf, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000140600007f00060000e3b3dc69cfce08f977823d19ee0000010000000000000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB]) [ 649.148815][T18901] attempt to access beyond end of device [ 649.154481][T18901] loop5: rw=0, want=6434, limit=52 16:48:57 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x17000000}}, 0x18) 16:48:57 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0x10}}, 0x0) 16:48:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x41a0ae8d, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 649.214382][ T7238] minix_free_inode: bit 1 already cleared [ 649.350451][T18934] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 649.379503][T18934] attempt to access beyond end of device [ 649.392130][T18934] loop5: rw=2049, want=6434, limit=52 16:48:58 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0x2c0}}, 0x0) 16:48:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4090ae82, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:58 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x18000000}}, 0x18) 16:48:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x8040ae9f, &(0x7f0000000280)) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) r8 = dup3(0xffffffffffffffff, r7, 0x80000) ioctl$KVM_SET_GSI_ROUTING(r8, 0x4008ae6a, &(0x7f0000000100)={0x4, 0x0, [{0x1000, 0x2, 0x0, 0x0, @adapter={0x7, 0x2, 0x0, 0x1, 0x1}}, {0x3, 0x0, 0x0, 0x0, @msi={0x2, 0x100, 0x5, 0x2}}, {0x9, 0x1, 0x0, 0x0, @irqchip={0x101, 0x6}}, {0x5, 0x3, 0x0, 0x0, @sint={0x7f, 0x2}}]}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 649.425784][T18945] attempt to access beyond end of device [ 649.432725][T18945] loop5: rw=0, want=6434, limit=52 [ 649.459338][ T7238] minix_free_inode: bit 1 already cleared 16:48:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4400ae8f, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:58 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xec0}}, 0x0) [ 649.639313][T18973] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 649.670331][T18968] attempt to access beyond end of device 16:48:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4138ae84, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 649.702145][T18968] loop5: rw=2049, want=6434, limit=52 [ 649.765241][T18973] attempt to access beyond end of device [ 649.777681][T18973] loop5: rw=0, want=6434, limit=52 16:48:58 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0x33fe0}}, 0x0) 16:48:58 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x20000000}}, 0x18) [ 649.830929][ T7238] minix_free_inode: bit 1 already cleared 16:48:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4188aea7, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5000aea5, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 649.942856][T19007] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 649.979430][T19007] attempt to access beyond end of device [ 649.998576][T19007] loop5: rw=2049, want=6434, limit=52 16:48:58 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0x20000938}}, 0x0) 16:48:58 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x2025d95e}}, 0x18) [ 650.033330][T19015] attempt to access beyond end of device [ 650.041366][T19015] loop5: rw=0, want=6434, limit=52 [ 650.047011][ T27] kauditd_printk_skb: 17 callbacks suppressed [ 650.047017][ T27] audit: type=1800 audit(1591289338.661:1392): pid=19015 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:58 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0x7ffff000}}, 0x0) [ 650.111190][ T7238] minix_free_inode: bit 1 already cleared 16:48:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x41a0ae8d, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8004ae98, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 650.209333][ T27] audit: type=1800 audit(1591289338.821:1393): pid=19035 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16290 res=0 [ 650.243640][T19035] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:48:58 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xfffffdef}}, 0x0) [ 650.310671][T19035] attempt to access beyond end of device [ 650.316335][T19035] loop5: rw=2049, want=6434, limit=52 16:48:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4400ae8f, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:48:59 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x2}, 0x0) [ 650.430356][T19056] attempt to access beyond end of device [ 650.465093][T19056] loop5: rw=0, want=6434, limit=52 [ 650.494352][ T27] audit: type=1800 audit(1591289339.111:1394): pid=19056 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x80086301, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:48:59 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x25000000}}, 0x18) 16:48:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x5000aea5, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 650.578918][ T7238] minix_free_inode: bit 1 already cleared 16:48:59 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x5}, 0x0) [ 650.736854][ T27] audit: type=1800 audit(1591289339.351:1395): pid=19090 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16371 res=0 16:48:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7ffffffffffffffd) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000200)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef71498fb3e61f4ce7a23d0fbb186e38c557d2dea269e253951db1cb514cb6cac4b700de796874954e8843f53bd8625ef9eb1557fd35366822af5f5238d99455e1d7199b32ed2a53afc7f206a133e8b2b8e3495ba6c42217461386860fbf7d95648b5131e8f032343c8bd7c613d8ec90b50374d4acac6cd270f6081d4f83090fe57bd9b86a658eaf5def02e19e88f81a1a4eef6a6f5263288294056e3a318b8c87f58460d2411754a6b4aa437b85fa0ebc4572ffa7807d11d5ff33c4acded1a001374e47a5d09387dcde8ce8696ad3843349f6274d"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0)='nl80211\x00') sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_WIPHY_RETRY_SHORT={0x5}]}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r3, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x2}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @local}]}, 0x28}, 0x1, 0x0, 0x0, 0x40041}, 0x20000000) 16:48:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8004ae98, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 650.786324][T19097] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 650.816207][T19090] attempt to access beyond end of device 16:48:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8040ae9f, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 650.846514][T19090] loop5: rw=2049, want=6434, limit=52 16:48:59 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x8}, 0x0) [ 650.916887][T19097] attempt to access beyond end of device [ 650.927334][T19097] loop5: rw=0, want=6434, limit=52 16:48:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8080aea1, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 650.975872][ T27] audit: type=1800 audit(1591289339.591:1396): pid=19097 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:48:59 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x3f000000}}, 0x18) 16:48:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x80086301, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 651.090213][ T7238] minix_free_inode: bit 1 already cleared 16:48:59 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x300}, 0x0) 16:48:59 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r5, 0x10e, 0x2, &(0x7f0000000280)=""/226, &(0x7f0000000180)=0xe2) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0300000000a2050001000000000000007f00060000e3b3dc69cfce0819ee0000e50000ef"]) openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x0, 0x0) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010d00"/24]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$MON_IOCT_RING_SIZE(r7, 0x9204, 0xff1a) 16:48:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8090ae81, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 651.211173][ T27] audit: type=1800 audit(1591289339.831:1397): pid=19149 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16275 res=0 [ 651.244753][T19149] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 651.280647][T19149] attempt to access beyond end of device 16:48:59 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0xffffff1f}, 0x0) [ 651.332452][T19149] loop5: rw=2049, want=6434, limit=52 [ 651.349283][T19162] attempt to access beyond end of device [ 651.356259][T19162] loop5: rw=0, want=6434, limit=52 [ 651.366682][ T27] audit: type=1800 audit(1591289339.981:1398): pid=19162 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:49:00 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x46753200}}, 0x18) [ 651.408404][ T7238] minix_free_inode: bit 1 already cleared [ 651.529283][ T27] audit: type=1800 audit(1591289340.151:1399): pid=19183 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16381 res=0 16:49:00 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x2}, 0x0) 16:49:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8138ae83, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:49:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8040ae9f, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 651.584965][T19183] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 651.675937][T19183] attempt to access beyond end of device [ 651.721920][T19183] loop5: rw=2049, want=6434, limit=52 [ 651.758358][T19192] attempt to access beyond end of device [ 651.764127][T19192] loop5: rw=0, want=6434, limit=52 16:49:00 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x3}, 0x0) 16:49:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8188aea6, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 651.803281][ T27] audit: type=1800 audit(1591289340.421:1400): pid=19192 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:49:00 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x48000000}}, 0x18) 16:49:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x75747}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc, 0x1, 'macvtap\x00'}, {0x4}}}, @IFLA_LINK={0x8}]}, 0x3c}}, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x401, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x77207}}, 0x20}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) getsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x11, &(0x7f0000000180)={{{@in=@remote, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in=@broadcast}}, &(0x7f0000000280)=0xe8) r10 = socket(0x1, 0x803, 0x0) getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) r12 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r12, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x75747}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc, 0x1, 'macvtap\x00'}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r11}]}, 0x3c}}, 0x0) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000580)={&(0x7f00000002c0)={0x2a8, 0x0, 0x2, 0x70bd2b, 0x25dfdbff, {}, [{{0x8}, {0xc4, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}]}}, {{0x8}, {0x1c0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r11}}}]}}]}, 0x2a8}}, 0x2000c080) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:49:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8080aea1, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 651.891031][ T7238] minix_free_inode: bit 1 already cleared 16:49:00 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x4}, 0x0) [ 652.004141][ T27] audit: type=1800 audit(1591289340.621:1401): pid=19230 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16384 res=0 [ 652.016701][T19230] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8090ae81, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 652.072917][T19230] attempt to access beyond end of device [ 652.095459][T19230] loop5: rw=2049, want=6434, limit=52 [ 652.101514][T19230] buffer_io_error: 16 callbacks suppressed [ 652.101522][T19230] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:49:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x81a0ae8c, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 652.156671][T19243] attempt to access beyond end of device [ 652.174230][T19243] loop5: rw=0, want=6434, limit=52 [ 652.180145][T19243] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:00 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x4c000000}}, 0x18) 16:49:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8138ae83, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:49:00 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x9}, 0x0) 16:49:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000004000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 652.258463][ T7238] minix_free_inode: bit 1 already cleared 16:49:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8400ae8e, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:49:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xa}, 0x0) 16:49:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8188aea6, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 652.447597][T19287] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:01 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 652.578164][T19287] attempt to access beyond end of device 16:49:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x9000aea4, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:49:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xf}, 0x0) 16:49:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x81a0ae8c, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 652.671321][T19287] loop5: rw=2049, want=6434, limit=52 [ 652.693383][T19287] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 652.743677][T19310] attempt to access beyond end of device [ 652.753702][T19310] loop5: rw=0, want=6434, limit=52 16:49:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="0000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef198eceb231e0a8c7a115faef82a46d4c9c16d764251898a2d7c5e8b59ac0469382547225cde922c095197141f5ce7f90cafecc7f9bfd87176adea92baafacae105244a080229853d199602c6fee51722edd71f2b0ea7e3a954f87e3d0b9484e6cc51d24f4af2d214028b5f1428a63f62b2971db3fd2eccd106b78841c0086e5ad897080e765b8163775a58c87355ccf14df3a7de729f6a53d4f87bcd1e872bc8e64c0bda54ebbff9660da9f96586ca22707d0dd5c74a2b274fcaf362702d377b5c74b0c9084e7aa38a8f102f23e750e23ffff038386f7aacf9b1a19a153343965e9a3f927689cbcd99374724230b41d2302ec6d6967d0f7878b6f34ce08b77daca2b58a6e4602a0a1c9bd4fb157c9f4e722a85572547d5aaadb4bea1e60278dc58871aadd098e943413f2476a902026a5589d1089bc5e696606f33e123fb247c74aafde2f93d17a6aaf75d8c653896b8dee77a61de13970736fda2969fb610e54c99c1f64987e4c81ca9f106bde1fc9b00295c33fbc0acadff287fb2c8f35d7338b2f6199756801ef762e673bf7d9ab4b52f2df86bc5d9f9c849b77fa04306a2537a26841d6a589ea5ed533498aa415c92e407245ef29beea8b934c2b52004bfc369a0b37b16392cdeff59e750a367a6ee77d9f29ffe1d9bff9a445a0761754903b3a0e44cc76b779dc2ac76e66da66deab6edf5fd261055b1bf74e627fcb15aea6a55859551c0fa0f181917b0c4066fc306f9d519a2553c72aa55e8bbd085aaa277a5f86b06689f4236247c3f2a1c6b5f5f0d662c3106eb0d6d13cbe558dcd70554074d90a8ae7b296f6c5b163a39767cf99be75a078acbdb57eeea9213c653fa6dddf5f7dbc4c6bf782d9a2507ca32d1069ee2adc1fa9d7b47062eedd8c97ea69c7ab414451b5a9cf825d6f19a28f53b84e05f0eaa6be9bb2aedf0df26499b36a170bb8b4786108ab8a2a5e70193bbd8"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 652.786571][T19310] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:01 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x5ed92520}}, 0x18) 16:49:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x60}, 0x0) 16:49:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc0045878, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 652.893237][ T7238] minix_free_inode: bit 1 already cleared 16:49:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x8400ae8e, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:49:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:49:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x2fc}, 0x0) [ 653.027094][T19363] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc0045878, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 653.075940][T19363] attempt to access beyond end of device [ 653.118568][T19363] loop5: rw=2049, want=6434, limit=52 16:49:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x9000aea4, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 653.174611][T19363] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:49:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000729d18acd70000000000030000000000000000"]) [ 653.223197][T19389] attempt to access beyond end of device 16:49:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x300}, 0x0) [ 653.258547][T19389] loop5: rw=0, want=6434, limit=52 [ 653.313169][T19389] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae91, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:49:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc0045878, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:49:02 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x60000000}}, 0x18) 16:49:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x43b}, 0x0) 16:49:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0300ff00000000000600007f00060000e3b3dc69cfce0819ee00000100001e5af8720000000000ef0000000000"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000100)={{0x5c, @multicast2, 0x4e21, 0x2, 'lc\x00', 0x5, 0x4a, 0x48}, {@local, 0x4e20, 0x3, 0x0, 0x0, 0x3}}, 0x44) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r2) r3 = fcntl$dupfd(r2, 0x406, r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_NUM(r3, 0x4008af10, &(0x7f0000000000)={0x2}) [ 653.456960][ T7238] minix_free_inode: bit 1 already cleared 16:49:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008aec1, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:49:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x900}, 0x0) [ 653.576615][T19445] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc0045878, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 653.628586][T19445] attempt to access beyond end of device 16:49:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff0000061100e3b369cfce0819ee0000010000000000000000000000ef00"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:49:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xa00}, 0x0) [ 653.690240][T19445] loop5: rw=2049, want=6434, limit=52 [ 653.720490][T19445] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:49:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc0189436, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 653.788601][T19482] attempt to access beyond end of device 16:49:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae91, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 653.833935][T19482] loop5: rw=0, want=6434, limit=52 [ 653.847285][T19482] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xf00}, 0x0) 16:49:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r5, 0xc0086420, &(0x7f0000000000)) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:49:02 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x68000000}}, 0x18) 16:49:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008aec1, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:49:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc018ae85, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 653.998679][ T7238] minix_free_inode: bit 1 already cleared 16:49:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x3b04}, 0x0) 16:49:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc020660b, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:49:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc0189436, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:49:02 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001c40)={0x0, @empty, @empty}, &(0x7f0000001c80)=0xc) sendmsg$can_raw(r1, &(0x7f0000001dc0)={&(0x7f0000001cc0)={0x1d, r2}, 0x10, &(0x7f0000001d80)={&(0x7f0000001d00)=@canfd={{0x1, 0x1, 0x1}, 0x6, 0x0, 0x0, 0x0, "2f8bf6371acd85fb56c44f3eaed84e33e6025ac88da28e21f3b9ba6ff4963388fd93ceedab71e3338044ec3b5b67c8039a50d4500d6223f961839005700f02f5"}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x40810) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 654.163600][T19549] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 654.238941][T19549] attempt to access beyond end of device [ 654.244602][T19549] loop5: rw=2049, want=6434, limit=52 16:49:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x6000}, 0x0) [ 654.306418][T19549] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:49:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc018ae85, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:49:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc028ae92, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 654.370560][T19581] attempt to access beyond end of device [ 654.402463][T19581] loop5: rw=0, want=6434, limit=52 [ 654.424515][T19581] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:03 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xfc02}, 0x0) 16:49:03 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x6c000000}}, 0x18) 16:49:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc080aebe, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:49:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc020660b, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 654.548882][ T7238] minix_free_inode: bit 1 already cleared 16:49:03 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x34000}, 0x0) [ 654.665986][T19617] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 654.682936][T19617] attempt to access beyond end of device 16:49:03 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x400300}, 0x0) [ 654.739681][T19617] loop5: rw=2049, want=6434, limit=52 [ 654.807646][T19645] attempt to access beyond end of device [ 654.820178][T19645] loop5: rw=0, want=6434, limit=52 16:49:03 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x74000000}}, 0x18) 16:49:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x3, 0x0, [{0x481}]}) 16:49:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc028ae92, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) 16:49:03 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x1000000}, 0x0) [ 654.883812][ T7238] minix_free_inode: bit 1 already cleared 16:49:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x5, 0x0, [{0x481}]}) 16:49:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc080aebe, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 655.044599][T19658] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:03 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x2000000}, 0x0) [ 655.094050][T19658] attempt to access beyond end of device 16:49:03 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x3000000}, 0x0) [ 655.135420][T19658] loop5: rw=2049, want=6434, limit=52 [ 655.204644][T19689] attempt to access beyond end of device 16:49:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x500, 0x0, [{0x481}]}) [ 655.250903][T19689] loop5: rw=0, want=6434, limit=52 16:49:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x0, 0x0) ioctl$ASHMEM_GET_SIZE(r4, 0x40186f40, 0x76006e) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_LOCK(r4, 0x4008642a, &(0x7f00000000c0)={r5, 0xc}) ioctl$DRM_IOCTL_RM_CTX(r3, 0xc0086421, &(0x7f00000000c0)={r5, 0x1}) ioctl$DRM_IOCTL_NEW_CTX(r2, 0x40086425, &(0x7f0000000000)={r5, 0x1}) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r8 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r9, r8, 0x0) ioctl$VIDIOC_ENUMOUTPUT(r9, 0xc0485630, &(0x7f0000000100)={0x10000, "63277df51b7f85f006c7630e9f62ec41917515fc48cfb0996b6676eda08ed888", 0x1, 0x81, 0x0, 0x800, 0x2}) ioctl$KVM_SET_CPUID(r7, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:49:03 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0x7a000000}}, 0x18) [ 655.297237][ T27] kauditd_printk_skb: 12 callbacks suppressed [ 655.297245][ T27] audit: type=1800 audit(1591289343.912:1414): pid=19689 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:49:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x3, 0x0, [{0x488}]}) 16:49:04 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x4000000}, 0x0) [ 655.340862][ T7238] minix_free_inode: bit 1 already cleared 16:49:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0xfffffdfd, 0x0, [{0x481}]}) [ 655.454181][ T27] audit: type=1800 audit(1591289344.072:1415): pid=19727 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16067 res=0 [ 655.482965][T19727] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x5, 0x0, [{0x488}]}) [ 655.525113][T19727] attempt to access beyond end of device [ 655.553435][T19727] loop5: rw=2049, want=6434, limit=52 16:49:04 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x9000000}, 0x0) [ 655.573781][T19740] attempt to access beyond end of device [ 655.586461][T19740] loop5: rw=0, want=6434, limit=52 16:49:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000180)={[], 0xf8f1, 0x6, 0x30, 0x0, 0x0, 0xd000, 0x5000}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000000)="66b80500000066b9000000000f01c16764660f1ad3f02095919b0f45c8362666660fc770f2b80b018ee0ea4d0003010f01df66f0802e0900500f01cf", 0x3c}], 0x1, 0x9, &(0x7f0000000140)=[@flags={0x3, 0x400}], 0x1) [ 655.611009][ T27] audit: type=1800 audit(1591289344.232:1416): pid=19740 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:49:04 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xf0ffffff}}, 0x18) 16:49:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0xffffff1f, 0x0, [{0x481}]}) [ 655.730325][ T7238] minix_free_inode: bit 1 already cleared 16:49:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x500, 0x0, [{0x488}]}) 16:49:04 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xa000000}, 0x0) 16:49:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x49a102, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000100), 0x4) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x8) [ 655.941938][ T27] audit: type=1800 audit(1591289344.562:1417): pid=19778 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16004 res=0 [ 655.966628][T19778] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 656.006356][T19778] attempt to access beyond end of device [ 656.027442][T19778] loop5: rw=2049, want=6434, limit=52 16:49:04 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xf000000}, 0x0) 16:49:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0xfffffdfd, 0x0, [{0x488}]}) [ 656.086060][T19803] attempt to access beyond end of device 16:49:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) ioctl$SOUND_MIXER_READ_STEREODEVS(r4, 0x80044dfb, &(0x7f0000000100)) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r6 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r6, 0x0) r7 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r6, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r8, r7, 0x0) setsockopt$ax25_int(r8, 0x101, 0xa, &(0x7f0000000000)=0x41a, 0x4) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) openat$urandom(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80, 0x0) 16:49:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) [ 656.151088][T19803] loop5: rw=0, want=6434, limit=52 16:49:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0xffffff1f, 0x0, [{0x488}]}) [ 656.189936][ T27] audit: type=1800 audit(1591289344.812:1418): pid=19803 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:49:04 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xf4ffffff}}, 0x18) 16:49:04 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x3b040000}, 0x0) 16:49:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x2, [{0x481}]}) [ 656.279756][ T7238] minix_free_inode: bit 1 already cleared 16:49:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x488}]}) [ 656.390980][ T27] audit: type=1800 audit(1591289345.012:1419): pid=19849 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16116 res=0 16:49:05 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x60000000}, 0x0) [ 656.436881][T19849] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 656.484070][T19849] attempt to access beyond end of device [ 656.493194][T19849] loop5: rw=2049, want=6434, limit=52 16:49:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r5, r4, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f00000001c0)=0x5) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r5, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, 0x140c, 0xa00, 0x70bd2b, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_RES_CQN={0x8, 0x3d, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x84040}, 0x4800) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 656.534021][T19864] attempt to access beyond end of device 16:49:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x3, [{0x481}]}) 16:49:05 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x9effffff}, 0x0) [ 656.594007][T19864] loop5: rw=0, want=6434, limit=52 16:49:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x2, [{0x488}]}) 16:49:05 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xf5ffffff}}, 0x18) [ 656.622537][ T27] audit: type=1800 audit(1591289345.242:1420): pid=19864 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 [ 656.677238][ T7238] minix_free_inode: bit 1 already cleared 16:49:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x3, [{0x488}]}) 16:49:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x4, [{0x481}]}) 16:49:05 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xefffffff}, 0x0) 16:49:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0300007f00060000e3b3dc69cf39000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) eventfd2(0x800, 0x1) socket$pptp(0x18, 0x1, 0x2) [ 656.851764][ T27] audit: type=1800 audit(1591289345.472:1421): pid=19911 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15768 res=0 [ 656.894053][T19915] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 656.944557][T19911] attempt to access beyond end of device [ 656.970812][T19911] loop5: rw=2049, want=6434, limit=52 16:49:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x4, [{0x488}]}) 16:49:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x5, [{0x481}]}) [ 657.028275][T19915] attempt to access beyond end of device [ 657.033943][T19915] loop5: rw=0, want=6434, limit=52 [ 657.042188][ T27] audit: type=1800 audit(1591289345.662:1422): pid=19915 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 [ 657.069763][ T7238] minix_free_inode: bit 1 already cleared 16:49:05 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xfbffffff}}, 0x18) 16:49:05 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xf0ffffff}, 0x0) 16:49:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x5, [{0x488}]}) [ 657.204758][ T27] audit: type=1800 audit(1591289345.822:1423): pid=19964 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16136 res=0 [ 657.235467][T19964] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x6, [{0x481}]}) 16:49:05 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xfc020000}, 0x0) 16:49:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x181801) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x78, 0xe, 0x6, 0x801, 0x0, 0x0, {0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x4c005) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x80080, 0x0) ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000140)={0x8000, 0x40, 0x81, 0x7, 0xe, "d086b7c969b0415825ec0aab3b8ab0daf97338"}) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 657.294701][T19964] attempt to access beyond end of device [ 657.347145][T19964] loop5: rw=2049, want=6434, limit=52 [ 657.378628][T19964] buffer_io_error: 12 callbacks suppressed [ 657.378637][T19964] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:49:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xffff0000}, 0x0) 16:49:06 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xff0f0000}}, 0x18) [ 657.398948][T19989] attempt to access beyond end of device [ 657.405561][T19989] loop5: rw=0, want=6434, limit=52 [ 657.412356][T19989] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xffffff7f}, 0x0) [ 657.459771][ T7238] minix_free_inode: bit 1 already cleared 16:49:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x7, [{0x481}]}) 16:49:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x6, [{0x488}]}) [ 657.600959][T20009] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 657.659578][T20009] attempt to access beyond end of device 16:49:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$sock_x25_SIOCDELRT(r4, 0x890c, &(0x7f0000000100)={@null=' \x00', 0x4, 'batadv_slave_0\x00'}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r7, 0x404c534a, &(0x7f0000000200)={0x0, 0x9, 0x80000000}) 16:49:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xffffff9e}, 0x0) 16:49:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x8, [{0x481}]}) [ 657.759070][T20009] loop5: rw=2049, want=6434, limit=52 [ 657.797027][T20009] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:49:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x7, [{0x488}]}) 16:49:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xffffffef}, 0x0) [ 657.852882][T20043] attempt to access beyond end of device [ 657.880751][T20043] loop5: rw=0, want=6434, limit=52 [ 657.909989][T20043] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x9, [{0x481}]}) 16:49:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xfffffff0}, 0x0) [ 658.058868][ T7238] minix_free_inode: bit 1 already cleared 16:49:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x8, [{0x488}]}) 16:49:06 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xfffbffff}}, 0x18) 16:49:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x53afc7181f}, 0x0) 16:49:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000082041000"/24]) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400000, 0x0) r4 = shmget(0x2, 0x4000, 0x1, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_LOCK(r4, 0xb) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r8 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x14, 0x0, 0x1, 0x0, 0x0, {0x18}}, 0x33fe0}, 0x1, 0x4800}, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x64, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x50, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x34d5}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'eth', 0x3a, 'hsr0\x00'}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x44084}, 0x80) connect$inet6(r8, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getpeername(r8, 0x0, &(0x7f0000000000)) dup3(r7, r6, 0x0) syz_kvm_setup_cpu$x86(r3, r7, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000100)="66b822000f00d066baa10066b8f6ff66efb9800000c00f3235004000000f30c4617b100ec4e2f941aa0000000048b800506442efec620d0f23c80f21f8350000c0000f23f866b85c000f00d8c744240010010000c74424025cb20000ff1c24450f23d80f35", 0x65}], 0x1, 0x10, &(0x7f00000001c0)=[@vmwrite={0x8, 0x0, 0x1f, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6}, @cr0={0x0, 0x20000003}], 0x2) [ 658.209020][T20090] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xa, [{0x481}]}) [ 658.279195][T20090] attempt to access beyond end of device [ 658.314133][T20090] loop5: rw=2049, want=6434, limit=52 16:49:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x40030000000000}, 0x0) 16:49:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x9, [{0x488}]}) [ 658.353655][T20090] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 658.446345][T20124] attempt to access beyond end of device 16:49:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x100000000000000}, 0x0) 16:49:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xb, [{0x481}]}) [ 658.489319][T20124] loop5: rw=0, want=6434, limit=52 [ 658.533126][T20124] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xa, [{0x488}]}) 16:49:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x200000000000000}, 0x0) 16:49:07 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xfffffbff}}, 0x18) [ 658.674129][ T7238] minix_free_inode: bit 1 already cleared 16:49:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x10000, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000100)=ANY=[@ANYRES32=r0]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:49:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xc, [{0x481}]}) 16:49:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xb, [{0x488}]}) 16:49:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x300000000000000}, 0x0) [ 658.853651][T20172] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 658.893546][T20172] attempt to access beyond end of device [ 658.931596][T20172] loop5: rw=2049, want=6434, limit=52 16:49:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xc, [{0x488}]}) 16:49:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x400000000000000}, 0x0) [ 659.013090][T20172] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:49:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xd, [{0x481}]}) 16:49:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) ioctl$PIO_SCRNMAP(r7, 0x4b41, &(0x7f0000000240)="3c6a61f18332b2d3c7930b473aa4c75d2f9f3ba22f9af3b66fbce30bc0f3d04523e87c5c707603ffc3c8de293c9b0d33274b6c7a6d19253a7fd2a192a9aba1d08adb4ce13c021030f950d7350da69bc0ed5f4c39e12b213e637bb125300820b8c4f4f133afcb06204120a74c4f87ebd9c3aa47d4e2241ae8a5837e438c2913111a9e08c0d1ce6a48e8b08160d194d01a3e0a226ba215383fc19224736337366fce5ef7fae65609c765b8b0a197a62268f1bdad31174a265c73aa2aaa8e2121ffab48f7f4a522b89cd872d78a3157040480321ddb6c11c793847a60a8440504128a2eed89b10461cb4b4bce6cf38790e2e01bf688399139d762bcd7e75cfc209eafb08dc86d08d8709028dbe81902212365f60b24b4d5c205c5a80c3a0e042db0c12afb7ef8367cd998a2b40a7fd41c74243642c6fad02cda55143acdb9a43329da41f59e70e1510986742d53b25a655bb4f05ac5af618ca251fd48a29bd7fd36ded9159a7be430e617e5fc6a1357c16787cdf19b26507cc58c0439c599d3de0a20ae354132ab084842c8a0e3e17f8729e0859b64040b3ed4af804e0b0cde257573e4be3212d8c44d302f770d7d0f5d9d36c97b78dfd9f0a33e11e9962671572a04ceec666103da865a3c9d13afec25e63b67d22d0b0dacdbb65406c1573ae50f1043690c0170933730b6f3a5bf6876bc974ead640674cd876900c57f6fd807e90775be431cec203d2dc12a7a05d5e1d143ed25b0bfa20d5d1b68541a7d9e8c8f17c83b799efe73e777c0bc1b647349db44ab2bec792d5cc71bc7e9d3e63dbf87121372a77d6b116904a4e0d9f8fd56295ecccf22b0e071ecfb1625cbca84b4a2c515e1ddf7623454355d44834762342cd61a7b44356e9ba0a2faf0bd5de49ce44f032a611229503f8e6b2e7560a70605558c28a35b58e5881ae45b4a8e834f12052d66d867153c372486b65bb2a79f13d5bf1d9f5e341628c8e254a8159ec8219128fc2a44e6f932c3e65d381e114b1ad54ca3ce8a7cec800ad87f2a3cc3fe40854328a4fc7655958c37b5d8552854231a33af0b213aaf54ca552956dcf5d8441b8f4994bb103b334019a15d269241f8a6b4a7d68e434894e7576bb99b27d58c193ae1cbd3773ee5cff2f2867182a30cc135a3a88b6591f761d86901206885d30a3135ddf0dbf9a712ea33dd5b76209fa2099bab38b6437426dc8c3cd5189c06d9ec943d2b89510214d6ff3ecdeca81a99d03996b2ba67fafd429853877413f657d298747bb1483342560570927958c11b92ca24313f03a554c939e71a94d0e1464b2a9984ac616bfc48370da4f4de04025ff21539f3b78d346d295233b0dd7eecea5998848e1a2d0dc44c68ffd7054fef83c4227bc0ac8637fdabf70cfc1c6bc90a8dd57993c42e49abbc61a9c4eddec520a82caf3a4a0416da43c1b67a9ec707d866c1e4e687e0844162a7663a930f0e9608296dacb47a4529b0c8ce7ebd46c7931b08d969c9a3d0846b1aa6c10e10f4ec68edd87f53f43ad5b44ac05791b3502b41a5181e9dc1ae557d296997241d22b7963c51be6262a7d86aa3b662602815614cb89758f3703551569111b7eadff3ff9d54df38e66c6a69f07ddc597bbfe2d54ad89426a1dfbbb95dfcc6d05057a283be12a2d77963fa2c2aebae51016bd48e39479043a9084934a231e570bd2fae156edb79f6985c82221302925996a419e43cea786e48edeb79f070b468ddb498682f8e071f2fbd28fd82aa4c9bbc555319e4d74ccb003af165730b9e120172f8f2aee92d5e1bdf12a4f54be4f9d7f20b2bf81041ec716f8bcc36f668558e73872577c4f6fb0e4fc3d8e978452e5c25370ac14c0f67de7761a362ceda1a9993936a62a585c5e9d47b50afa8dea40193541c9064642d14df2cefad0972157aace6ff3762e0c8736716d8ac591e42dc40ad6b4c514c8df2a37c49359136f75b07ddbc37dbfbe0eddbc8a00af2b9e6430419d5ca70cc1e1eb55f5def62ff7f663df4867ed63d251e03b725bb7e644ca45a89d761afed9b7e8b4e2e098562cef1a374703971fed3b7cfe4d570784a8176961b42539964caf8ad338260e1ee3a732f75537aefa4e069452f83cc77e5c75e348631ddaa40505371142e6e1423a55dd7e71e3d1616507155032a4d8d9f6ff348be238b33968fca18284ab19a3fc3fdd952fe413204f97aa6ddb51e69a646d37a5ee1bdfb5310291c140f40e84f4a7e4ba8fb2d3d0cbbed16750c9a6ecaf685629d2140db394af4337f38b1586dcb83c7b3fd49409faf322aba70b1648411dd82844dc11b4967a9f7a8797f1294b251ead7b594b9fe010837cc2c11040ff43e229af8c51144c583bd5f34bbb1b3c7f738f082c3a2ef2013588b13a7b0b99133b668362c97f4dbe7cc58344e2415896ac6122013b26d50fe2663b8d2bfe7c2f60605c128d1caf244ec203b67822f34606a95b89732d14b36621623ff3d3b6afa5504bf2b0e1646bf24fe8d7f9348351f01b844437f82b9b34e9e3e191c66241031652165cd5abf58ba89a55c32fe5d9ea15e2dff05292eec4c3a3b4d44f3d66717be8ee9baa14ce6651fcd25d3d183fa6ce38d6fc51b82ce511a96b98d840ba0d1648dd27a090df6de7be8183980cc697e544b0a6e3a552a07d77483955244be8ff2ac0d8b2c101fbef7f0661aba128464a7fb11b71658b66cd092f1c541f0d788f59901a420dd7969da2efbeb1ea987d18dfc9e4ad72d99fe0d0fdc9956b45a4b5481e628d004004048391c1ac5333d1ab69f990c5f6842fea5048e6c67f1c917325e7260405ff37a6f994909b742cad3c33c9c24b1b7cd0d8c2b2d206972397a405f296451f00096bf0685febca1a7efdc82956933344a7749ba0be4dfed90a9d819f3311a0144027da7c47cea58c885a29f9364a1118f3d90fa1ea6b475f3b9e4b1c664cf21dc1fce9b1d3c7e6705dd6a387e8d9a0a9116e8ec450a9b30b8809dc038b0156ff3e27f88aadd33e1e388efa2a4e9ca7a62f909c876b8a8741427a1e07fa0fd046e5251890fc359501e108d34df1284a6b7fc73165a0c608d8de34564f764c84074ca7c117b4010bf3b808423d60e600ef3ee75759dc6e2a40b25f3cdd8d795cb601837bf674964d97b0e499ec186d7022fbab0f99da12ba3b6c16777bbe273095feb772517221eb8dba1ccc71870614897c0a7819d59fef66564cb884ee0e934752d4147dde0e760ab29fc0402198465488ca967b63f8ff0580f2508198a441b01a2ac97df216d49b4a2c9eccc61821827a8ba4f66ac3fe05fce46ca705e56e6feb079f77d4ddb15df89727ce498af0684f243cdd858a679bc0a9d964695d45a2e90a3677f8e40ba3170c5e140ba69c9bd922199a41102431349a95570fea92334ec9f66fb751546167354a0e5a8cfea51a98d9fcd0299c167dc9f76ee805e6a0cd7c999ea2b8f5bfa7170b52a13e696918e61369eff4bb091a00d569ddf1c56ec6ed78eae1d924b226071fd3b132dbfd3388dba55ba8e23686eba5629ee97f6c127ab171357b3b0075dbd782fd23b2a762f7d68ea5813f641d13ace6c394ddab271efa36dbb0285c7f26169d3250e8333833c1ee1339541ac00abe32cd21d84a590c5c6827c72cc0a0fafbe1479f28719a7a73a0446123761e6013b4c0dc17693974103591eef09b4220be2ee211523f38adba617e6c0149020e99be03588af9c44f9c9cc95fa4d68998d33007ac91ed1774aaf4c5f7bd0640a8ab8125abcaecb3a39e5158e69cbc8b5e83cba120f3861c5e7be0dafea0900fb241b04b4caab092045abdb4c699f9ed2141e04898af080f4c30fa4855c47dc9732a9663f82da7911160c13d1e12f388142b14068597e50f6364d465692a773c440f09d39179b1124c19c7eae0aac33f6a29968ad954ef2353e062374e541934dc2b5dcf812aff4f240f8a9fa184e76c5f410ddcc4740c928e78c6950600eabbbc03a4168f16f9b6a42a467460c114ff59e6c6904d54d3f56896367ad1f288e72866ba18883527290ccbf5d23feeed82eae19acae5658363b19df5c5714546e7fab59c3d8568b5135d2b887ff476b3e8d24ebb4649ad13c46abaf085b86525d8ea1a7bd4495cbc17d0f29d0b9a930732df6561a9573e357858aa091546fc8990f80599a10f80de8dabc640be8c5ca92737708b3b3bb4e9e4ded1d0382c526a93b695bb3d9e3b880245c439ee4408db8a1787264cf08406c9aabbb1d1615f578e2d7b2afe98b8e6bf05c32c25b9ca81ac86426996d2369459fc48f9f176f7289d36d9119c718a125bccf2831b3cfdfb20403ecc8c38fa43e5628dff8f5aaaaef831c91eff92334aea0b695aafb9b826f1cb8fc4d6e28c4a72825985ef66975800a4cc75b01fa9674eb6d9dbb1b5e27864bebb63ddcb2f981eff9b61870193fbf12fc1a53f98908ca26de869b5fdcdc47cfe97e7ed15b890f8d53b3ec1c40f36be97151bdd2e94061010c2d2b7b2891610d4db621b0cbaf7269b81370e3f00a1674694364db0b077b9989e3be805e23eba4f26f7bb034ec98c480d44bccfd55ea7c0e583d3c6358929716bab3fdd02ec0376f69d57df8b430cbd3a8a21ab5a497425a8bcd207ed37ba580c14a86e1deab601e91c4bf22ed5353ae6ae1ad659da33fe369db63182d898a4a9fdb09b60e449df1721aa4b79996e8cc73ae8dfbac77e4ad692b4a9d08b655623cb1da24e32c31355cfa4978742be5eefdeb3ca30f46b00d5635640a39e969c5a34769a39d6b23a4b575f04fedccb2f19111a05cf1754800c7ae508ba7ecc2e8a3b030bf8f05b422d9e69a395230b1b248d6fb6d889707092ae77041f7f35231bbf9f82e90e80a56db55921f2996eb6573db4aa3b603e879ee3ea4023e403e2815366ed1c839c48e15f2ba3442439478e53ad2d5cca396fdb547d13c85216b7d08d392373be20f67c3bcd80d9f9e3e471e153a502ebc61de2dae6b48b93240f5a4624b4a28d28e9975204004d65805461116b94f7bee2cbab9a2bdcd0ac710b7ba52a677f7101b47971d96b2b77a77a84e22a02f604aadf9a54bfd5c38bdf32b6a58ef1bb34ef0571139338a09a361107f53c7d09cc504e4e54585d8e3648817b05988e4bdd8abd6a7c359ce4fd9adf864bab6db2c70d8b4be7c8e9274aa9bdb2344e1800ff67834c88b3df5cafd15a2e1995bdbae13214612d209cfe8f2e7475c44727ddca54f0356981034e82018ea90b1636dae9b35d2b1dc502994140488208e39712a01ee9eb6cbf19e842d39f5408650ae91db36dee10e7bc3ff68221b134417af1c9b8c157c87a35a4b12751e69241485a32553602596a6186fa1aa6b72993ecbb23b0918ffdd791abb22ea5365875356609c3cd2fd502b487f6fe1e9059274dd3a1fe09b356ad7a966cf48e5028650fc62731f7385d481ef454f90315c4cf2cef097b917ce2243b28d03919cce840d93b3f5a87b2432b80705af23235a0634a67bfde496a8a567732b3713f2f95ebe2588fdbb15b10adc8657d9244dd36d71c520ca624acf623327295d760f8ab13f8df8f4a4e260132845ab1f5f5254bbbd3e08e0497e405c4b7dfbcee0e43299e782c48cb2a639bba24a1e52e5bc31f95400d9d240ea47a22b3df647069599c1eb2be67201b64d0757988a4716dda57146e0b446fe0fc57c48cdf3b11a6af20eb2a04624a5b6fdedc89a4e9d4430186153a56ead7b2eb6b8b6cfaf5a061d47bd3df4cf9bb4f856a4e0b75afa4b008ad3591b8f252a51c4b8856d8b14e8c724d8674081d11d") ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000200)={0x10002, 0x1, 0x5, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) mount$9p_tcp(&(0x7f0000000000)='127.0.0.1\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x3864092, &(0x7f0000000180)={'trans=tcp,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@cache_fscache='cache=fscache'}, {@nodevmap='nodevmap'}, {@access_uid={'access', 0x3d, 0xee00}}], [{@mask={'mask', 0x3d, '^MAY_READ'}}]}}) [ 659.088641][T20206] attempt to access beyond end of device [ 659.120794][T20206] loop5: rw=0, want=6434, limit=52 [ 659.149969][T20206] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xd, [{0x488}]}) 16:49:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x900000000000000}, 0x0) 16:49:07 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xffffff7f}}, 0x18) 16:49:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xe, [{0x481}]}) [ 659.294243][ T7238] minix_free_inode: bit 1 already cleared 16:49:08 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xa00000000000000}, 0x0) 16:49:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xe, [{0x488}]}) 16:49:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 659.483493][T20260] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:08 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xf00000000000000}, 0x0) [ 659.529658][T20260] attempt to access beyond end of device [ 659.535489][T20260] loop5: rw=2049, want=6434, limit=52 16:49:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x10, [{0x481}]}) [ 659.633747][T20260] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 659.685366][T20288] attempt to access beyond end of device [ 659.719232][T20288] loop5: rw=0, want=6434, limit=52 16:49:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x10, [{0x488}]}) 16:49:08 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x1f18c7af53000000}, 0x0) [ 659.734446][T20288] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x11, [{0x481}]}) 16:49:08 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xfffffff0}}, 0x18) [ 659.863686][ T7238] minix_free_inode: bit 1 already cleared 16:49:08 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x3b04000000000000}, 0x0) 16:49:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x11, [{0x488}]}) 16:49:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x12, [{0x481}]}) 16:49:08 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x6000000000000000}, 0x0) 16:49:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x25, [{0x481}]}) [ 660.045120][T20323] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 660.079730][T20323] attempt to access beyond end of device [ 660.110312][T20323] loop5: rw=2049, want=6434, limit=52 [ 660.190281][T20347] attempt to access beyond end of device [ 660.229433][T20347] loop5: rw=0, want=6434, limit=52 16:49:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x5c, [{0x481}]}) 16:49:08 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xfffffff4}}, 0x18) 16:49:08 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x8000000000000000}, 0x0) [ 660.296052][ T7238] minix_free_inode: bit 1 already cleared 16:49:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x12, [{0x488}]}) 16:49:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x300, [{0x481}]}) [ 660.430096][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 660.430104][ T27] audit: type=1800 audit(1591289349.052:1435): pid=20379 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15797 res=0 16:49:09 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x9effffff00000000}, 0x0) 16:49:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x30000, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0)='nl80211\x00') sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x1c, r4, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_WIPHY_RETRY_SHORT={0x5}]}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(r3, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r4, 0x100, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0xffffffffffffffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0x80) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 660.474485][T20379] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 660.560644][T20379] attempt to access beyond end of device 16:49:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x25, [{0x488}]}) 16:49:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x500, [{0x481}]}) [ 660.635835][T20379] loop5: rw=2049, want=6434, limit=52 [ 660.699321][T20393] attempt to access beyond end of device [ 660.706171][T20393] loop5: rw=0, want=6434, limit=52 16:49:09 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xefffffff00000000}, 0x0) [ 660.746668][ T27] audit: type=1800 audit(1591289349.362:1436): pid=20393 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:49:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x880, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x1ff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r3, r2, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x4000, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r7, 0x40405515, &(0x7f0000000100)={0x2, 0x6, 0x1f, 0x70fa}) ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:49:09 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xfffffff5}}, 0x18) 16:49:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x5c, [{0x488}]}) [ 660.826620][ T7238] minix_free_inode: bit 1 already cleared 16:49:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x600, [{0x481}]}) 16:49:09 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xf0ffffff00000000}, 0x0) [ 660.989595][ T27] audit: type=1800 audit(1591289349.612:1437): pid=20445 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15988 res=0 [ 661.049455][T20452] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x300, [{0x488}]}) 16:49:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000000000082040000000002000000000000000000750df45ab63c9eb9b4b3cd28a456c4c539a98a1be2bc47df9223ad01c88e755ab773fab3678349b54e9c3ad58ec2422e799c0f2ad91400fed0a6d15403e7da92de75e3af3897ac00"/110]) 16:49:09 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xfc02000000000000}, 0x0) 16:49:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x500, [{0x488}]}) 16:49:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x700, [{0x481}]}) 16:49:09 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xfffffffb}}, 0x18) 16:49:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x181001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getpeername(0xffffffffffffffff, &(0x7f0000000100)=@l2, &(0x7f0000000040)=0x80) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYRES16=r2]) [ 661.320645][ T7238] minix_free_inode: bit 1 already cleared 16:49:10 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xffff000000000000}, 0x0) 16:49:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x600, [{0x488}]}) [ 661.462583][ T27] audit: type=1800 audit(1591289350.082:1438): pid=20512 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16383 res=0 16:49:10 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xffffff7f00000000}, 0x0) [ 661.502980][T20512] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x900, [{0x481}]}) [ 661.571222][T20512] attempt to access beyond end of device [ 661.603834][T20512] loop5: rw=2049, want=6434, limit=52 [ 661.615879][T20532] attempt to access beyond end of device [ 661.624117][T20532] loop5: rw=0, want=6434, limit=52 [ 661.629991][ T27] audit: type=1800 audit(1591289350.252:1439): pid=20532 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:49:10 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0xffffffff00000000}, 0x0) 16:49:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x700, [{0x488}]}) 16:49:10 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18, 0x71, 0x0, {{}, 0xffffffff}}, 0x18) 16:49:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xa00, [{0x481}]}) 16:49:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="030000edffff070000002bfffe00000020000600007f00060000e3b3dccade8569cfce0819ee00000100000000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000012c0)=ANY=[@ANYBLOB="010000000000000082040000000000000000000000000000d36a4e9a805289f5abed1937ddba6fab293b0d51725f7d489cd549692ff172eb70a6ba6552a3d14624bc010076c24e68fde9da1a32e88fead75d3abf78ce9800c58c674624267ae41a4e8ae088856e22b091ee5c305c5a38a401d6a3d8e8a80e4878a1bcd4b83e2871d8e2c1505f9b1f2bf53125fee254576a0a9009002703709c3d0367635a533eb284064ce27530c743365d1a80ec349ae5c39d27975bad3f7a51c4"]) r3 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000001200)={'syz', 0x1}, &(0x7f0000001240)="f2514ec6ac7c76f1c0114677461ceafebab1616e9111f0ba68b6ac19380695e2ae2081dbd1b7834bc32ee42cce406751b8b940574dbc93e4a1cb4500"/72, 0x48, 0xfffffffffffffffd) r4 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r3, r4}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'vmac64(aes)\x00'}}) r5 = syz_open_dev$vcsu(&(0x7f0000001380)='/dev/vcsu#\x00', 0x2, 0x40001) ioctl$DRM_IOCTL_IRQ_BUSID(r5, 0xc0106403, &(0x7f00000013c0)={0x5, 0x0, 0x0, 0x1}) keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000000)={r4, 0x76, 0x1000}, &(0x7f0000000100)={'enc=', 'raw', ' hash=', {'cbcmac-aes-neon\x00'}}, &(0x7f0000000180)="ca1fda7f29e36c1e169f56b4bc181aafa10e3b894cb2c59b586ba89bdb000c248d1fd582a4f3214b3f6f3ef95891d77a133a42a22b3d2d8cfa3f3713ed36f552dae80f1dd996b85c7607abfab1944f122af9106d8b4a7d32212fec46d8736df1dd16745393aa7d8c4a5ee253bb6cc9df055be068a0e4", &(0x7f0000000200)=""/4096) 16:49:10 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x2}, 0x0) [ 661.759198][ T7238] minix_free_inode: bit 1 already cleared 16:49:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x900, [{0x488}]}) [ 661.915593][ T27] audit: type=1800 audit(1591289350.532:1440): pid=20574 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16384 res=0 [ 661.947303][T20574] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:10 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x3}, 0x0) [ 661.992042][T20574] attempt to access beyond end of device [ 662.017128][T20574] loop5: rw=2049, want=6434, limit=52 16:49:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xb00, [{0x481}]}) 16:49:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0}, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x3) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x4, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xc, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r3) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r8, 0xc0945662, &(0x7f0000000280)={0x10000, 0x0, [], {0x0, @bt={0x40, 0x1f, 0x1, 0x2, 0x20, 0x0, 0x7fffffff, 0x7, 0x5, 0x6, 0x3f, 0x80, 0x52, 0x0, 0x5, 0x5, {0xfc9, 0x237}, 0x7, 0x83}}}) ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060800e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 662.077154][T20595] attempt to access beyond end of device [ 662.122166][T20595] loop5: rw=0, want=6434, limit=52 16:49:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xa00, [{0x488}]}) 16:49:10 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x4}, 0x0) [ 662.151390][ T27] audit: type=1800 audit(1591289350.772:1441): pid=20595 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:49:10 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18}, 0x29) [ 662.249319][ T7238] minix_free_inode: bit 1 already cleared 16:49:10 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x9}, 0x0) 16:49:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xc00, [{0x481}]}) [ 662.339508][ T27] audit: type=1800 audit(1591289350.962:1442): pid=20634 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15812 res=0 16:49:11 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0xa}, 0x0) [ 662.393799][T20634] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="030000000000000600007f00060000ebb3dc69010000000000000000000000ef00"/45]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 662.448285][T20634] attempt to access beyond end of device [ 662.479469][T20634] loop5: rw=2049, want=6434, limit=52 [ 662.485015][T20634] buffer_io_error: 8 callbacks suppressed 16:49:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xb00, [{0x488}]}) [ 662.485022][T20634] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 662.507513][T20657] attempt to access beyond end of device [ 662.520833][T20657] loop5: rw=0, want=6434, limit=52 [ 662.531704][T20657] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xd00, [{0x481}]}) 16:49:11 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18}, 0xc00) [ 662.550631][ T27] audit: type=1800 audit(1591289351.172:1443): pid=20657 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed comm="syz-executor.5" name="/" dev="loop5" ino=1 res=0 16:49:11 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0xf}, 0x0) [ 662.614183][ T7238] minix_free_inode: bit 1 already cleared 16:49:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xc00, [{0x488}]}) 16:49:11 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x60}, 0x0) [ 662.748626][ T27] audit: type=1800 audit(1591289351.372:1444): pid=20688 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16321 res=0 [ 662.777997][T20688] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}}, 0x0) sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, r3, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'gretap0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x2002}, 0x20000000) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) [ 662.798934][T20688] attempt to access beyond end of device [ 662.820181][T20688] loop5: rw=2049, want=6434, limit=52 [ 662.839659][T20688] Buffer I/O error on dev loop5, logical block 3216, lost async page write 16:49:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xe00, [{0x481}]}) [ 662.891757][T20688] attempt to access beyond end of device 16:49:11 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x2fc}, 0x0) [ 662.942826][T20688] loop5: rw=2049, want=6436, limit=52 [ 662.975699][T20688] Buffer I/O error on dev loop5, logical block 3217, lost async page write 16:49:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xd00, [{0x488}]}) 16:49:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_usb_connect$hid(0x1, 0x3f, &(0x7f0000000140)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x8, 0x150a, 0x1201, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xac, 0xa0, 0x7f, [{{0x9, 0x4, 0x0, 0x1a, 0x1, 0x3, 0x1, 0x0, 0x5, {0x9, 0x21, 0x2a2a, 0x8, 0x1, {0x22, 0xa32}}, {{{0x9, 0x5, 0x81, 0x3, 0x9545e8c5543494e, 0x7f, 0x9, 0x1}}, [{{0x9, 0x5, 0x2, 0x3, 0x0, 0x5, 0xfb, 0x1}}]}}}]}}]}}, &(0x7f0000000500)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x210, 0x1, 0x31, 0x1f, 0x10, 0x9}, 0x5, &(0x7f00000001c0)={0x5, 0xf, 0x5}, 0x8, [{0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x440a}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x43e}}, {0x4d, &(0x7f0000000280)=@string={0x4d, 0x3, "818f072015a036711ba425f0d4dfe469c71e9727de96d09874d6efde6f482d217b33fdc0a5f27e8957a4edc1cb1911455b5f91824951c7d0acf17ffa0124600e88b2baa7845279e0ce193b"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x810}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x42d}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x441}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x180c}}, {0xce, &(0x7f0000000400)=@string={0xce, 0x3, "892b70381ac34a951a8817ad37d8000f47e8185b38b4d4f2d6b5c8cbbdb393c5fff583790f0816974b7a2dda245bcccff0bf247089a5af2c9c8953816d7cb7a7e0b07a1d72d55b829e0e2ad6540d450856c4fdbceea78328b4f38651cbcac13084dfeedb5cf53a971ed7857d93971e77b31ed57f6fd7f1bc90c41fe138de16043cabfa72204b24a5fe168b439df8a44b7524e8c593696715e8b8f359b8e0436d5835a0807ead213cc05712a7f643cbcc3ac152259b9f58f6ec330a5842badda58a463b84d8a528b4d441ad4b"}}]}) syz_usb_control_io$hid(r5, &(0x7f00000006c0)={0x24, &(0x7f0000000580)={0x0, 0x21, 0x4e, {0x4e, 0x3, "3cadf501f5a4af3fc426efa631f1ec034faa8495fbb922d8e776c19d6f4384ec0725e6ad3bbfeb93a7a479093a8f2b70017f814c60ec0408036f61304ad34518c35af2349da39e329ca2b7a9"}}, &(0x7f0000000600)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41c}}, &(0x7f0000000640)={0x0, 0x22, 0x15, {[@local=@item_012={0x2, 0x2, 0x9, "7393"}, @global=@item_4={0x3, 0x1, 0xb, "4f438e16"}, @main=@item_012={0x2, 0x0, 0xb, "daf7"}, @local=@item_4={0x3, 0x2, 0x0, "4dba8e77"}, @local=@item_4={0x3, 0x2, 0x8, "0d571b0a"}]}}, &(0x7f0000000680)={0x0, 0x21, 0x9, {0x9, 0x21, 0x1, 0xf3, 0x1, {0x22, 0xaef}}}}, &(0x7f0000000900)={0x2c, &(0x7f0000000700)={0x20, 0x2c, 0x7, "68d9da2a008ab1"}, &(0x7f0000000740)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000780)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000940)=ANY=[@ANYBLOB="2001f8000000e8bd50e6edabc67ab9aa12b81b9f5f9d88bdbc0093de5f832b2c2b6e14fc63f5377a3ada4fcac9878ab669b163d28ce403ffd170934f9d5eb8b625b79a2cb7263e46e53c90dda20c9129407f647a6481406f0e55576d08b85bdce5952edb5c3b1e9167496c88c3e7d05dc34b9a5da647639985b8b2f71b7f3697be5b1795ac2c50ed4426092220284c4af04e6d1c59a2d07fc9097dbe7600fbf539cdcf881a1466ce2d2f5f6b074c060aca687c7f389d42d93ed7cf0cb849baf595a3a6d3dc65053dd9b68e6c25c0eae109d2d1921bb08a60a4c7a61f0c546b347b19e40cba88cc9673473d9264617d3a887ad55f6ea28fbb60ae0a8a68deeb9fffed4ad1b31340"], &(0x7f00000008c0)={0x20, 0x3, 0x1, 0x81}}) r6 = fcntl$getown(0xffffffffffffffff, 0x9) write$cgroup_pid(r4, &(0x7f0000000100)=r6, 0x12) setsockopt$inet_udp_encap(r4, 0x11, 0x64, &(0x7f0000000000)=0x5, 0x4) [ 663.040155][T20688] attempt to access beyond end of device [ 663.050697][T20688] loop5: rw=2049, want=6438, limit=52 [ 663.061871][T20688] Buffer I/O error on dev loop5, logical block 3218, lost async page write 16:49:11 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x300}, 0x0) 16:49:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x1100, [{0x481}]}) [ 663.115717][T20733] attempt to access beyond end of device [ 663.159286][T20733] loop5: rw=0, want=6434, limit=52 [ 663.175894][T20733] Buffer I/O error on dev loop5, logical block 3216, async page read 16:49:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0xe00, [{0x488}]}) [ 663.205159][T20733] attempt to access beyond end of device [ 663.211883][T20733] loop5: rw=0, want=6436, limit=52 [ 663.218255][T20733] Buffer I/O error on dev loop5, logical block 3217, async page read [ 663.284604][T20733] attempt to access beyond end of device [ 663.294609][T20733] loop5: rw=0, want=6438, limit=52 [ 663.340563][T20733] Buffer I/O error on dev loop5, logical block 3218, async page read 16:49:12 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18}, 0x1001) 16:49:12 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x43b}, 0x0) 16:49:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x1200, [{0x481}]}) 16:49:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x1100, [{0x488}]}) [ 663.454653][ T7238] minix_free_inode: bit 1 already cleared [ 663.467684][ T46] usb 2-1: new low-speed USB device number 7 using dummy_hcd 16:49:12 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x900}, 0x0) 16:49:12 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0xa00}, 0x0) [ 663.598929][T20786] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x2500, [{0x481}]}) 16:49:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x1200, [{0x488}]}) [ 663.649183][T20786] attempt to access beyond end of device [ 663.700846][T20786] loop5: rw=2049, want=6434, limit=52 [ 663.730302][T20786] Buffer I/O error on dev loop5, logical block 3216, lost async page write [ 663.782715][T20786] attempt to access beyond end of device [ 663.805566][T20786] loop5: rw=2049, want=6436, limit=52 [ 663.812496][T20786] Buffer I/O error on dev loop5, logical block 3217, lost async page write [ 663.821453][T20786] attempt to access beyond end of device [ 663.827691][ T46] usb 2-1: No LPM exit latency info found, disabling LPM. [ 663.835124][T20786] loop5: rw=2049, want=6438, limit=52 [ 663.842220][T20786] attempt to access beyond end of device [ 663.861129][T20786] loop5: rw=2049, want=6440, limit=52 [ 663.867292][T20786] attempt to access beyond end of device [ 663.873056][T20786] loop5: rw=2049, want=6442, limit=52 [ 663.902390][T20829] attempt to access beyond end of device [ 663.906801][ T46] usb 2-1: config 1 interface 0 altsetting 26 endpoint 0x81 has invalid maxpacket 334, setting to 8 [ 663.913611][T20829] loop5: rw=0, want=6442, limit=52 [ 663.936596][ T46] usb 2-1: config 1 interface 0 altsetting 26 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 663.954564][ T7238] minix_free_inode: bit 1 already cleared [ 663.956632][ T46] usb 2-1: config 1 interface 0 has no altsetting 0 [ 664.147851][ T46] usb 2-1: New USB device found, idVendor=150a, idProduct=1201, bcdDevice= 0.40 [ 664.166593][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 664.174787][ T46] usb 2-1: Product: 辁 ꀕ然ꐛ槤ệ➗雞飐홴䡯ℭ㍻샽襾ꑗ쇭᧋䔑彛芑光탇奔␁๠늈Ꞻ劄᧎ [ 664.196743][ T46] usb 2-1: Manufacturer: о [ 664.201266][ T46] usb 2-1: SerialNumber: ࠐ [ 664.232943][T20742] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 664.876794][ T46] usbhid 2-1:1.0: can't add hid device: -71 [ 664.882825][ T46] usbhid: probe of 2-1:1.0 failed with error -71 [ 664.900927][ T46] usb 2-1: USB disconnect, device number 7 [ 665.506626][T10461] usb 2-1: new low-speed USB device number 8 using dummy_hcd [ 665.890840][T10461] usb 2-1: No LPM exit latency info found, disabling LPM. [ 665.989449][T10461] usb 2-1: config 1 interface 0 altsetting 26 endpoint 0x81 has invalid maxpacket 334, setting to 8 [ 666.012367][T10461] usb 2-1: config 1 interface 0 altsetting 26 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 666.033894][T10461] usb 2-1: config 1 interface 0 has no altsetting 0 [ 666.222258][T10461] usb 2-1: New USB device found, idVendor=150a, idProduct=1201, bcdDevice= 0.40 [ 666.236053][T10461] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 666.261617][T10461] usb 2-1: Product: 辁 ꀕ然ꐛ槤ệ➗雞飐홴䡯ℭ㍻샽襾ꑗ쇭᧋䔑彛芑光탇奔␁๠늈Ꞻ劄᧎ [ 666.276265][T10461] usb 2-1: Manufacturer: о [ 666.281645][T10461] usb 2-1: SerialNumber: ࠐ 16:49:14 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) 16:49:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x2500, [{0x488}]}) 16:49:14 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0xf00}, 0x0) 16:49:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0) r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r4, r3, 0x0) r5 = perf_event_open(&(0x7f000001d000)={0x5, 0xfffffffffffffeb3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4}, 0x0, 0x0, r4, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r5, 0x0) r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r5, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') dup3(r7, r6, 0x0) pidfd_send_signal(r7, 0x19, &(0x7f0000000100)={0xf, 0x15945061}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) sendmsg$NLBL_CALIPSO_C_ADD(r9, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x2c, 0x0, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc040}, 0x10) r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r10, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="020000000000000068592e0000000000e6000000000000001a880000000000001f00000000000000"]) 16:49:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x5c00, [{0x481}]}) 16:49:14 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18}, 0x8800000) [ 666.366639][T10461] usb 2-1: can't set config #1, error -71 [ 666.381772][T10461] usb 2-1: USB disconnect, device number 8 16:49:15 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x3b04}, 0x0) [ 666.479305][ T27] kauditd_printk_skb: 3 callbacks suppressed [ 666.479313][ T27] audit: type=1800 audit(1591289355.102:1448): pid=20892 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16335 res=0 16:49:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x80ffff, [{0x481}]}) [ 666.555716][T20899] MINIX-fs: mounting unchecked file system, running fsck is recommended 16:49:15 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x6000}, 0x0) 16:49:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x482}]}) r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r3, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) setsockopt$inet6_tcp_buf(r7, 0x6, 0x1f, &(0x7f0000000280)="cdf4db20db16d6eb3c89621cb1fdfba785509057590319f14580e5687380c4917e70f1ef888d7260fbbb3c81abd34cd7b4c9a6248911c2552c687fe0b124715d57b97b2c76853c124b51253a2a3d1714a5431522ed73a053e2649ec2e97bd7bd3d390f6a7fd01a6927a5ca47114610b6a3a71df91d69a62754b3b71bde8da798c352dc3e72dac733a098730a43d338e805445868ae0ec18a8ba209388bb2857d88cf31f3d4fc93f89d80764d5c71002fef26b99e8c5d0b29f0eb3765b5d9e3a74c357630a22d508231bd6397b4ca960b99947534c8db91f7b61b4b76b1502c39f0961f0acd00a3a394c2c7350110d77e5cfd053b7f3ef04ffa07fcbe7b5f17cd26fff4d1f7b8f818da6d99fae15e89a84248e18cd063f46befa105e07f3b0de1f9eae93ef936da6965fbb5edaeb593197973afe9198cd30bb75f1276c5e57dbcf5815add99e9c9bef269c868757d942a79007f413bcd29c115987bb2fe0c090b5e0664aa9b7820fc6656be8e06cef5cfeaddecb92ad4f1d27662c6b7abc96b88c3232bba60ada59e492d91acfbfac6e700a1c9f83b4960c0bd852456fa175c799962c4768703e1b48d5dfe7dc440f2a6e2e7918c08e380314d8fe04dd59639b5074bf7520f9ec3f8753306ddd8cc350306dcd3179c2b9029f3baeaf2b77c95240302c58a088fa186a21d236b07da40c2b852752f68cbbd95a76e8e31a17d87f9591904469470ab7949a818ec9b400883f49a80ee769ac4469a97d016d32fa90f4b0e922bb9e18e9d9d4ef9b9b875056b11105742a73a05321ed92f24f932027e35bc98b4c272afabca73723191508e4c2d77375c3ce7cda8e1d1f9a00da265611e54205a5711b8664b77b42db0fab48f5bef5dbeaeb46a657d4cbf310ecb5f7340dccc74479d34ed8eb2e3728bf8a01f526a48b4cc2202d106c80e43d16d571da17ccd407d775cac11e3c04e93122c01bcae85b2e92856c4192c20e7f99bfd2fdff152115c224da8d718d6f194e64ddd5c244415bcb5c518ab2c4ee46a8064f956e31b46f1645e31c167c42dc5ef649a685c6a7399ca1a2d28ac55ae1d8c57c892e945492bfbc35b161ebceba3a2ac772013b890a39f9a9c65810ecec67ee855b86bca231bc71df503fd2f85e0693a43a4c0435b064bd945b9e8c5aa09e4aff502301b25424bdd99f5e60f3034d0b05f7b3af818f3b3c1aab3c732ee90a91db44c22492e1434ffa7167bccdbfe974ba7a9ffe1f1bd4c7da70850583468bedbad79442d57f5881ed060333a6ee7a1e4d8e7f0c6e6011aa8eb4ca029a95708b496a0ac47e19e95e0f53bcf3184c16597d11d20bd090da73972448c96bf5b9d1d8b082159202b0924bd1bd7ba26b6ee6be80cccaa7de54df5c30b9ed082baff6e100088dfa4c261540e463dd94adf3167659b1fdb569051241bb7e6bdbe452268fefd2cd2f2777b7ea78b262a1aef0f3339b024764d2dac2d11eaf76b9182dd57b3c21865c72e67970fcf6c5ee69afc82ee318c82674eacf010afedf0e601758e3e45694b4beaa8d17b62dc53cc8449a76748786083f000e085088318b1adbbca0a7880808c889e2d0b52ccb3cd2f992c124fcc10bfc9d97b9a3fe6919f0aa7a796b53b2b9ad24cea1af6010910a96e2aecbed187d491fabb3daa905734a0ea2019957fa58858b1c5735fbfd1baf9e555e20ed70884c86b3ec2c7346f3f2626c6b6263e7b141bc60d84e9f8b946b9102c797a65df07d5966fa209db08c9f11562abc4d941f11a1a3b8376ee105b7a5b1fc07a483cabc7c5335bd75481aab8374e08e1695f59ceedfd35fe783551d0712425ad82dfbb1ace3f97d4ab0e23b5ed3f132b0236d2707a55052ac1e8ff77cfbab4d8062e227df47f433c1e51c966fff5d8d14cd273cbacdeb278731bb5d56610f69ab0dde41504d5f928b88b7159db123a518ec18c7fb45bf7a3c46fbb535a33eb1d3110232b233a928c609a7a4c17eee47d1af02c87e6ce7e986e6b720945eb4b57f89631e5ab91a402bcab13f559632c1cd9f6ca206f94b023bac08c0451499c548d98983b1a5b793a91ae6264169aa20557061db9c813543e930f6ed672ce70b5072f3961986e15d5412d220594bea6bea7bcd490f467d0d64449f06bd6ee499c8bbf430cc20688239f9768642ff2bf6dc22adb41a7bb6e2a08d8431050086c299e726d00075f41c2943790eeeefd2c4606a30ac53f8b5b6e8fd2c51120d54bdfd67f1b20663e60a3fa43a3fee6e0bb3cb7aaf084d102c681166930face6491f7ada363c5efc89698353160d73e640d236da3546093ac602052d27a818c15c25ec8dcef39adc646ee0e56f198ab0df50382f83f8bc3320affea473476ce06207000823ed977f77d6c88546de8978330b4a34481d9b727f48156892f5c9cc0aca57c5ce6cb00f49d343b6b6e48cf5bc21cd51a21376825ad45ee5fddfc9029ea6e1616cff63462523acf331a167e0984ace1a201864cb36517df52d7902f807c77467c4ecf4b3111602d78eada8bf084c9421418f4d2366547f55a904eba1200977547f2467f6a83a39a47ff6ad7062faaa5b38e340e8c483a7cdbf0a01b677791250d79a035e295367758c3da74cc9a2421c89a365be9b54fb456beff1da65b04796371b6b72cd91a02c0216748d645fa56067150c225c60ecd8702d2fb63118f0229bd22a02a810b2f758867c09f41c5949a4c6a8eb2f107d70dcec1535fe6fb31a576340a066f2850b3ae336ca6d86d43734debb8296ff0873e2ad3f88e1ee091885986afb04fac0cc7e20b6ed6123a6708dc9b26f89761a4f6bec87bba78f42df8464472fbb20edf69abf4eb75a7045e429db6c5b3fbc0a6413d5f01c9607d421288ad18f0b521c2f24730f45c9d566d119cbe63fc55cb21ba7d3b2428441161db50324f4b70f7f558bea7e95c17579e9300ba59d3a816b2081e713847bc37d9de1526a224618a679fe0855fc1261f4efa9d6d0705b8da8067c39ac9bd6925e464d45c3ce30d55e61cbaedf2dd141e2e54a419722657e2f345d17270b500e46dc40778af03e85b465e76f1cf27a918330deefdaefb9910ddf487a83d0c7f1745b0bbb3a8ef55ec4b7b0cb4a20e9c9ea622294836d088859181ae7c98fe9e8510a6383db34ec2a522e815683805b18b84e6e8ec320fd1a27f86486f213135da16564189616de7a6b8968f69d670bdfbed6d8409777cfb9d5514e079fa0be5a7879d1c15ad421f8414142ad4e2317e03c1c4ec3fd50c710cabf24ee3f0a0011ab354dc9db3013190368f024c96e7441a2b8312b958fd905f56d3544fd1d3ca2d6e6e8a351dab0e784acd1f9c7abdf39ed9db6461d9083b41dc3e300f06db396c9c9dc9e99f1965e6526a424f8a4d87ab39fc58a693a22b03af776a74fff2758a65209b2484f5c9f129f3afa8799f60a598fbf81605f83e653636ff915947b9cf25acad24e043311068a1cffb75d731a0e0dfe7179c5e3e0942097b2a5bfe12150117d9e07410eb8a46b3e9f753def8f58c82f7fb637a5d8f2c25bb11cb4a95b4b441088817b31b011707ee090f62f7ca7563c0d03b5275bfb48657e2c9bd6cefa063a18e10e6a44b5004484c20d378291bd489d53f1d33a7c23ee822620012108c1a4a9bf025b97ed38dfdbdba03db68238fef03964b62d587f5587d070fdb721371c784b50a0b70c801c73fc478d829700c254fe8196cb4ba872c2066db3a36b062897c518f2afe33236e246ca331a67d385b2ce5f5e586a0d0a66678cf5fe9868a2ea8f1039a215b6e1e53d0164a141d65dbf4f72d0c7cfa4765e8f036d63983ad229b3a6782a60417bc5e537f6608c9c319b529991db1772c3c99b9dffd1505b43c24fbaab32426fdf76d08701c416aa6314b06cbf2dfd0172659ac53c366b993fba6ff4bd6a3eea2168a397562c8c1a33fb683b0c3f9f59eb02b158f7a3d7b311669bf913fc03ac13bfaf1655b1211caabd85f986c36cdff81e14bbe5889d054123d2301c25690d7a62028148c96f674077daac1c738051cfd1eeff0ddf1bf651951707df11b6b175f2feec50bc8e0977b3f01b0a76185a87bc24baa205fc78d21d292089d80c9e45b0e52e4dffcfb9ca15e89c39bd5f081075fc56dbee4fa59d60f2d17861c16a31d3d4dbde98b6c994387a58262f0f4afbef0279b44b883a89af9a005a6564919e4e0a5e4d4b015e80ffca376a85ee43427c23a8cec03a592acb9ce8f7f701cb97cc6e6418a37115e5bcfc727ad639c9071f7607efa816105cab541d0bd1cd280c09ff90cf95b61b1aa009f3db00ddaed346fd1f24488746fc720fab5c12c9bc59a260346305a1c6248b3c8fd9b81cab6eb97f8047b5d29eaaa20e94b23b2e9b6f6d5bf43b4e50bc75075b88091ef7b4be9726bbec940d8fefd1f30c6c2de3ff3250c81e6ba53557f3554a4e53ca5a2c3fa28ec5ab4ac2b81268b25a5fcf865cef59b95c4d43c34506260f0c6af5fbfb107be0f65f46b174538928342426f63ed3fc162a0d6e174ea5d6c5a90ec0d116e21244c292ffcfd341df892b0f32af2bcef8369ffc5b4c5a8f883120cba60dd753a4abbe01b85139e65618cce75db82535993666b32693b01bf92aeb3152040c220f496462a10c140064cd3614808d2bbe4420eaa9318e73dfac2e34d4cb7643769b1d6d0467c09844de56721e3b524964c87ef38fa0d4b8e24f0b918673859d75e5405005c350f5987445d7b22c17ec124f4071445e6035a36b1ebdc2bf3ca0f0fa22882a96d79066e4fc18e237f9292d522e7cd868be318b580d0f4bfb87df01f3b9cfb2436846be9f5e6e3a67767debdeb8e476cc576d75a852492dcc9f7e7af405aee4da491468d8562b31c403766d230d39bfcebe01ec2e3544b7b478c600c2eb1409295468d3bcdea4cac5825719d0fe957f10f9379731fa83a1179d36e7e3a2e8a5e8d41e77b8a8baf8d834539838c2f9bdc1622b4fdef2528a3655d89b21e0124502dc31210edaa34cf2cc35dff6eb180d297a904c8abcf36523db890ab0bde526316c082369ac889a395d048180e95ab805c651881f05b1080c8ea4c598613db3b9f9ff848f37f388883f2d59e45958f376d936a294e6b0adfbe52f0b984730296a7ebce107781a9f8fd748aaf08af22de0b1f23070d8d719cfd6cc702a7142b55fbfaab38b03691215a7d18162282cc564198cd1eb1f38265702e5276b6f00aa496b021f743d14744c57feebc6e840ed3596ce1bb4506f3a2988b20d93dee9cdcd5e9dd3ef3a91729bb3bb26d8e156c94e7157be2dfb327f24e1c1f9a8a699e031d91ba0499c5a4337747c80914fe02c792dda3486b503b0e4d354df893f22407f35c5a478131679806539d4b15bed705c418207f6b7e9742e19be4814c97e17dcfcbc7fc5a5bc36144f9a713140aa40628beb80548a783ea810b0b93d4efb03093fbcb7a0dbed1eb031b43dfbff1464477a15e8bf6a69559c84613ca358bc0a0f8ae99b7fcafb412b1793633c72e061a7ee5e691f3c5ce605c35dd3c85d9f69ee7906c086e2f7027c094b84ef1df0f39a08a1f9cf1c89eca7a32db6d1b22de01659a20117b2d1543e33252477dcb36f0a8f1e6d2e31ffc3b0fd48e90e5f12d7c4c5fda317cd42972352a6142c00a7527c0ed9f5e0ee869cfa7ab5aed098a3aa21852fe71c8c3599f592dda0b29d1d6637af4ec40292ba16d2b5ff70864024ca658d86b29aa1e6c7b45b3077dcb2fef0fe7121f3d9bccacae246760ccfd56506c4c5253ee69b72af0675239f36ba389f1", 0x1000) dup3(r5, r4, 0x0) ioctl$EVIOCGRAB(r5, 0x40044590, &(0x7f0000000000)=0x80000000) 16:49:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x5c00, [{0x488}]}) 16:49:15 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0xfc02}, 0x0) 16:49:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x1000000, [{0x481}]}) 16:49:15 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x34000}, 0x0) 16:49:15 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) 16:49:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x80ffff, [{0x488}]}) 16:49:15 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0x33fe0}}, 0x0) 16:49:16 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}, {&(0x7f0000000640)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494febcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5ff9b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bf19e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb0464cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e", 0x309, 0x34f9}], 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_ROPEN(r0, &(0x7f0000000280)={0x18}, 0x20000298) 16:49:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x2000000, [{0x481}]}) 16:49:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x400300}, 0x0) 16:49:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x483}]}) ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000600)={0x7, 0x7, 0x4, 0x40000000, 0x1f, {}, {0x1, 0x2, 0x3f, 0x0, 0x1, 0xc1, "83ffcbd4"}, 0xfff, 0x1, @userptr=0x7, 0x6, 0x0, r0}) bind$bt_sco(r1, &(0x7f0000000680)={0x1f, @fixed={[], 0x12}}, 0x8) 16:49:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae8a, &(0x7f0000000040)={0x1, 0x0, [{0x481}]}) 16:49:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x1000000, [{0x488}]}) [ 667.676709][ T7238] minix_free_inode: bit 1 already cleared 16:49:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}}}, 0xf8}, 0x1, 0x0, 0x1000000}, 0x0) 16:49:16 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@allocspi={0xf8, 0x16, 0xafe324b271123cf7, 0x0, 0x0, {{{@in6=@remote, @in=@multicast2}, {@in6=@private2, 0x0, 0x6c}, @in=@private, {}, {}, {}, 0x2}, 0x0, 0x2}}, 0xf8}}, 0x0) 16:49:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x3000000, [{0x481}]}) 16:49:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x313002, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r3, 0x10e, 0x8, &(0x7f0000000040)=0x6, 0x4) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="03000000000000ff000000000006c50d27d0167233b1b3dc69cfce0819ee0000010000000000000000000000ef82819bc48873a7dae10f01ac60cf3f5262060952e3c55925d6f0f98ea2f158687e9fb037b8ef45617e73372a1c5b9125ee2a91be5c5bfc84dd"]) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x70f2}, 0xc) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000100)) 16:49:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x2000000, [{0x488}]}) 16:49:16 executing program 1 (fault-call:4 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="03000000000000ff00000000000600007f00060000e3b3dc69cfce0819ee0000010000000000000000000000ef"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x484}]}) [ 668.081682][T21066] FAULT_INJECTION: forcing a failure. [ 668.081682][T21066] name failslab, interval 1, probability 0, space 0, times 0 [ 668.124519][T21066] CPU: 1 PID: 21066 Comm: syz-executor.1 Not tainted 5.7.0-syzkaller #0 [ 668.132875][T21066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.142929][T21066] Call Trace: [ 668.146757][T21066] dump_stack+0x1e9/0x30e [ 668.148745][T21079] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 668.151090][T21066] should_fail+0x433/0x5b0 [ 668.151111][T21066] ? tomoyo_realpath_from_path+0xd8/0x630 [ 668.151126][T21066] should_failslab+0x5/0x20 [ 668.169779][T21079] ================================================================== [ 668.174023][T21066] __kmalloc+0x74/0x330 [ 668.174041][T21066] ? tomoyo_realpath_from_path+0xcb/0x630 [ 668.182270][T21079] BUG: KASAN: null-ptr-deref in get_block+0x916/0x1600 [ 668.186404][T21066] tomoyo_realpath_from_path+0xd8/0x630 [ 668.192093][T21079] Write of size 8 at addr 0000000000000000 by task syz-executor.5/21079 [ 668.198923][T21066] tomoyo_path_number_perm+0x18f/0x690 [ 668.204428][T21079] [ 668.212756][T21066] security_file_ioctl+0x55/0xb0 [ 668.225377][T21066] __se_sys_ioctl+0x48/0x160 [ 668.229955][T21066] do_syscall_64+0xf3/0x1b0 [ 668.234455][T21066] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 668.240324][T21066] RIP: 0033:0x45ca69 [ 668.244194][T21066] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 668.263771][T21066] RSP: 002b:00007f6a174b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 668.272155][T21066] RAX: ffffffffffffffda RBX: 00000000004e8480 RCX: 000000000045ca69 [ 668.280114][T21066] RDX: 0000000020000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 668.288066][T21066] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 668.296013][T21066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 668.303979][T21066] R13: 00000000000003d8 R14: 00000000004c68ca R15: 00007f6a174b56d4 [ 668.312038][T21079] CPU: 0 PID: 21079 Comm: syz-executor.5 Not tainted 5.7.0-syzkaller #0 [ 668.313050][ T27] audit: type=1800 audit(1591289356.742:1449): pid=21079 uid=0 auid=0 ses=4 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16371 res=0 [ 668.320351][T21079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.320356][T21079] Call Trace: [ 668.320373][T21079] dump_stack+0x1e9/0x30e [ 668.320388][T21079] kasan_report+0x151/0x1d0 [ 668.320400][T21079] ? get_block+0x916/0x1600 [ 668.320413][T21079] check_memory_region+0x2b5/0x2f0 [ 668.320424][T21079] get_block+0x916/0x1600 [ 668.320455][T21079] ? minix_get_block+0x90/0xf0 [ 668.379322][T21079] __block_write_begin_int+0x708/0x1a00 [ 668.384976][T21079] ? minix_prepare_chunk+0x30/0x30 [ 668.390146][T21079] ? minix_prepare_chunk+0x30/0x30 [ 668.395253][T21079] block_write_begin+0x59/0x280 [ 668.400105][T21079] minix_write_begin+0x38/0x1f0 [ 668.404961][T21079] generic_perform_write+0x23b/0x4e0 [ 668.410271][T21079] __generic_file_write_iter+0x22b/0x4e0 [ 668.415908][T21079] ? down_write+0xcd/0x130 [ 668.420324][T21079] generic_file_write_iter+0x4a6/0x650 [ 668.425793][T21079] __vfs_write+0x52f/0x6e0 [ 668.430222][T21079] vfs_write+0x274/0x580 [ 668.434469][T21079] ksys_write+0x11b/0x220 [ 668.438805][T21079] do_syscall_64+0xf3/0x1b0 [ 668.443308][T21079] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 668.449198][T21079] RIP: 0033:0x45ca69 [ 668.453090][T21079] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 668.472700][T21079] RSP: 002b:00007f4e83fecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 668.481118][T21079] RAX: ffffffffffffffda RBX: 000000000050b840 RCX: 000000000045ca69 [ 668.489091][T21079] RDX: 0000000020000298 RSI: 0000000020000280 RDI: 0000000000000004 [ 668.497067][T21079] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 668.505044][T21079] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 668.513016][T21079] R13: 0000000000000ca7 R14: 00000000004cefef R15: 00007f4e83fed6d4 [ 668.521001][T21079] ================================================================== [ 668.529055][T21079] Disabling lock debugging due to kernel taint [ 668.552732][T21079] Kernel panic - not syncing: panic_on_warn set ... [ 668.559347][T21079] CPU: 0 PID: 21079 Comm: syz-executor.5 Tainted: G B 5.7.0-syzkaller #0 [ 668.569185][T21079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.579259][T21079] Call Trace: [ 668.582549][T21079] dump_stack+0x1e9/0x30e [ 668.586878][T21079] panic+0x264/0x7a0 [ 668.590772][T21079] ? trace_hardirqs_on+0x30/0x80 [ 668.595717][T21079] kasan_report+0x1c9/0x1d0 [ 668.600217][T21079] ? get_block+0x916/0x1600 [ 668.604720][T21079] check_memory_region+0x2b5/0x2f0 [ 668.609825][T21079] get_block+0x916/0x1600 [ 668.614156][T21079] ? minix_get_block+0x90/0xf0 [ 668.618916][T21079] __block_write_begin_int+0x708/0x1a00 [ 668.624468][T21079] ? minix_prepare_chunk+0x30/0x30 [ 668.629659][T21079] ? minix_prepare_chunk+0x30/0x30 [ 668.634760][T21079] block_write_begin+0x59/0x280 [ 668.639608][T21079] minix_write_begin+0x38/0x1f0 [ 668.644446][T21079] generic_perform_write+0x23b/0x4e0 [ 668.649810][T21079] __generic_file_write_iter+0x22b/0x4e0 [ 668.655431][T21079] ? down_write+0xcd/0x130 [ 668.659842][T21079] generic_file_write_iter+0x4a6/0x650 [ 668.662997][T21066] ERROR: Out of memory at tomoyo_realpath_from_path. [ 668.665293][T21079] __vfs_write+0x52f/0x6e0 [ 668.665307][T21079] vfs_write+0x274/0x580 [ 668.665319][T21079] ksys_write+0x11b/0x220 [ 668.684895][T21079] do_syscall_64+0xf3/0x1b0 [ 668.689392][T21079] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 668.695278][T21079] RIP: 0033:0x45ca69 [ 668.699159][T21079] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 668.718755][T21079] RSP: 002b:00007f4e83fecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 668.727162][T21079] RAX: ffffffffffffffda RBX: 000000000050b840 RCX: 000000000045ca69 [ 668.735209][T21079] RDX: 0000000020000298 RSI: 0000000020000280 RDI: 0000000000000004 [ 668.743184][T21079] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 668.751141][T21079] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 668.759223][T21079] R13: 0000000000000ca7 R14: 00000000004cefef R15: 00007f4e83fed6d4 [ 668.768972][T21079] Kernel Offset: disabled [ 668.773450][T21079] Rebooting in 86400 seconds..