open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:12 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  385.883849][   T17] usb 6-1: device descriptor read/8, error -71
[  385.997429][T13097] raw-gadget gadget: fail, usb_ep_enable returned -22
[  386.273698][ T8808] cdc_ncm 3-1:1.0: bind() failure
[  386.306570][ T8808] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  386.323966][ T8808] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  386.332958][ T8808] usb 3-1: USB disconnect, device number 40
[  386.393875][   T17] usb 6-1: new high-speed USB device number 71 using dummy_hcd
[  386.483805][   T17] usb 6-1: Using ep0 maxpacket: 8
[  386.526199][   T17] usb 6-1: no configurations
[  386.530826][   T17] usb 6-1: can't read configurations, error -22
[  386.539683][   T17] usb usb6-port1: unable to enumerate USB device
[  386.853634][ T8808] Bluetooth: hci6: command 0xfc11 tx timeout
[  386.853642][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
20:58:14 executing program 1:
socket$inet6(0xa, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x78}}, 0x0)

20:58:14 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:14 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:14 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d000009"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

[  387.470635][   T21] Bluetooth: hci6: Frame reassembly failed (-84)
[  387.483124][   T21] Bluetooth: hci6: Frame reassembly failed (-84)
[  387.491786][   T27] kauditd_printk_skb: 4 callbacks suppressed
[  387.491801][   T27] audit: type=1804 audit(1597265894.464:57): pid=13170 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/173/bus" dev="sda1" ino=16384 res=1 errno=0
20:58:14 executing program 1:
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:14 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  387.599249][   T27] audit: type=1804 audit(1597265894.534:58): pid=13176 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/173/bus" dev="sda1" ino=16384 res=1 errno=0
[  387.723654][ T8808] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  387.775609][   T27] audit: type=1804 audit(1597265894.754:59): pid=13189 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/174/bus" dev="sda1" ino=16384 res=1 errno=0
[  387.859965][   T27] audit: type=1804 audit(1597265894.834:60): pid=13190 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/174/bus" dev="sda1" ino=16384 res=1 errno=0
[  387.973505][ T8808] usb 3-1: Using ep0 maxpacket: 16
[  388.093505][ T8808] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  388.107345][ T8808] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  388.119597][ T8808] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  388.284704][ T8808] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  388.293842][ T8808] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  388.301867][ T8808] usb 3-1: Product: syz
[  388.306233][ T8808] usb 3-1: Manufacturer: syz
[  388.310892][ T8808] usb 3-1: SerialNumber: syz
[  388.355136][ T8808] usb 3-1: selecting invalid altsetting 1
20:58:15 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c080024"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:15 executing program 1:
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:15 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  388.750273][   T27] audit: type=1804 audit(1597265895.724:61): pid=13209 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/175/bus" dev="sda1" ino=16379 res=1 errno=0
20:58:15 executing program 1:
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

[  388.793516][ T8808] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS
[  388.800192][ T8808] cdc_ncm 3-1:1.0: bind() failure
[  388.844020][ T8808] cdc_ncm 3-1:1.1: skipping garbage
[  388.849288][ T8808] cdc_ncm 3-1:1.1: bind() failure
[  388.885503][   T27] audit: type=1804 audit(1597265895.794:62): pid=13209 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/175/bus" dev="sda1" ino=16379 res=1 errno=0
[  388.922798][ T8808] usb 3-1: USB disconnect, device number 41
20:58:16 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:16 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:16 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  389.126598][ T8130] usb 6-1: new high-speed USB device number 72 using dummy_hcd
20:58:16 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  389.195128][   T27] audit: type=1804 audit(1597265896.174:63): pid=13241 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/176/bus" dev="sda1" ino=16383 res=1 errno=0
[  389.302723][   T27] audit: type=1804 audit(1597265896.224:64): pid=13242 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/176/bus" dev="sda1" ino=16383 res=1 errno=0
[  389.373526][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  389.413755][ T8130] usb 6-1: no configurations
[  389.421904][ T8130] usb 6-1: can't read configurations, error -22
[  389.493409][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  389.576049][ T8130] usb 6-1: new high-speed USB device number 73 using dummy_hcd
[  389.823316][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  389.863607][ T8130] usb 6-1: no configurations
[  389.868217][ T8130] usb 6-1: can't read configurations, error -22
[  389.878868][ T8130] usb usb6-port1: attempt power cycle
20:58:17 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:17 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:17 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d000009"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:17 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  390.159541][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
[  390.166245][   T27] audit: type=1804 audit(1597265897.134:65): pid=13271 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/177/bus" dev="sda1" ino=16366 res=1 errno=0
[  390.240220][   T27] audit: type=1804 audit(1597265897.204:66): pid=13275 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/177/bus" dev="sda1" ino=16366 res=1 errno=0
[  390.265108][T13260] syz-executor.0 (13260) used greatest stack depth: 22968 bytes left
[  390.348193][ T8236] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  390.593286][ T8130] usb 6-1: new high-speed USB device number 74 using dummy_hcd
[  390.613329][ T8236] usb 3-1: Using ep0 maxpacket: 16
[  390.703314][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  390.733296][ T8236] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  390.743646][ T8236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  390.755806][ T8236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  390.763544][ T8130] usb 6-1: no configurations
[  390.770162][ T8130] usb 6-1: can't read configurations, error -22
[  390.923443][ T8236] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  390.932485][ T8236] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.933218][ T8130] usb 6-1: new high-speed USB device number 75 using dummy_hcd
[  390.946260][ T8236] usb 3-1: Product: syz
[  390.952829][ T8236] usb 3-1: Manufacturer: syz
[  390.958791][ T8236] usb 3-1: SerialNumber: syz
[  391.004214][ T8236] usb 3-1: selecting invalid altsetting 1
[  391.063493][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  391.103669][ T8130] usb 6-1: no configurations
[  391.108311][ T8130] usb 6-1: can't read configurations, error -22
[  391.122099][ T8130] usb usb6-port1: unable to enumerate USB device
[  391.443285][ T8236] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS
[  391.449419][ T8236] cdc_ncm 3-1:1.0: bind() failure
[  391.465121][ T8236] cdc_ncm 3-1:1.1: skipping garbage
[  391.470380][ T8236] cdc_ncm 3-1:1.1: bind() failure
[  391.488970][ T8236] usb 3-1: USB disconnect, device number 42
20:58:18 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c080024"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:18 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:18 executing program 1:
socket$inet6(0xa, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:18 executing program 1:
socket$inet6(0xa, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:19 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:19 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d000009"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:19 executing program 0:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:19 executing program 1:
socket$inet6(0xa, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

[  392.213250][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  392.213387][ T8808] usb 6-1: new high-speed USB device number 76 using dummy_hcd
[  392.221761][ T2545] Bluetooth: hci6: command tx timeout
[  392.481651][ T8236] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  392.553120][ T8808] usb 6-1: Using ep0 maxpacket: 8
[  392.593420][ T8808] usb 6-1: no configurations
[  392.598151][ T8808] usb 6-1: can't read configurations, error -22
20:58:19 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:19 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:19 executing program 0:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  392.723113][ T8236] usb 3-1: Using ep0 maxpacket: 16
[  392.753261][ T8808] usb 6-1: new high-speed USB device number 77 using dummy_hcd
20:58:19 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

[  392.844696][ T8236] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  392.856475][   T27] kauditd_printk_skb: 4 callbacks suppressed
[  392.856491][   T27] audit: type=1804 audit(1597265899.835:71): pid=13345 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/180/bus" dev="sda1" ino=16379 res=1 errno=0
[  392.900477][ T8236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  392.913335][ T8236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  393.023275][ T8808] usb 6-1: Using ep0 maxpacket: 8
[  393.035229][   T27] audit: type=1804 audit(1597265899.945:72): pid=13353 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/180/bus" dev="sda1" ino=16379 res=1 errno=0
[  393.089774][ T8808] usb 6-1: no configurations
[  393.094840][ T8808] usb 6-1: can't read configurations, error -22
[  393.095433][ T8236] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  393.120798][ T8236] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.124188][ T8808] usb usb6-port1: attempt power cycle
[  393.137400][ T8236] usb 3-1: Product: syz
[  393.145409][ T8236] usb 3-1: Manufacturer: syz
[  393.150228][ T8236] usb 3-1: SerialNumber: syz
[  393.194239][ T8236] usb 3-1: selecting invalid altsetting 1
[  393.636880][ T8236] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS
[  393.642926][ T8236] cdc_ncm 3-1:1.0: bind() failure
[  393.661411][ T8236] cdc_ncm 3-1:1.1: skipping garbage
[  393.667482][ T8236] cdc_ncm 3-1:1.1: bind() failure
[  393.680715][ T8236] usb 3-1: USB disconnect, device number 43
[  393.903033][ T8808] usb 6-1: new high-speed USB device number 78 using dummy_hcd
[  394.013164][ T8808] usb 6-1: Using ep0 maxpacket: 8
[  394.075926][ T8808] usb 6-1: no configurations
[  394.080547][ T8808] usb 6-1: can't read configurations, error -22
[  394.243035][ T8808] usb 6-1: new high-speed USB device number 79 using dummy_hcd
[  394.333112][ T8808] usb 6-1: Using ep0 maxpacket: 8
[  394.383189][ T8808] usb 6-1: no configurations
[  394.387836][ T8808] usb 6-1: can't read configurations, error -22
[  394.399488][ T8808] usb usb6-port1: unable to enumerate USB device
20:58:21 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:21 executing program 0:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:21 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef4200"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:21 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

[  394.871094][   T27] audit: type=1804 audit(1597265901.845:73): pid=13381 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/181/bus" dev="sda1" ino=16374 res=1 errno=0
[  394.933028][ T8236] Bluetooth: hci6: command 0xfc11 tx timeout
[  394.939174][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  394.987281][   T27] audit: type=1804 audit(1597265901.955:74): pid=13394 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/181/bus" dev="sda1" ino=16374 res=1 errno=0
20:58:22 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:22 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

20:58:22 executing program 0:
r0 = open(0x0, 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  395.143037][ T8808] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  395.182978][   T12] usb 6-1: new high-speed USB device number 80 using dummy_hcd
[  395.275223][   T27] audit: type=1804 audit(1597265902.255:75): pid=13400 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/182/bus" dev="sda1" ino=16373 res=1 errno=0
20:58:22 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  395.380389][   T27] audit: type=1804 audit(1597265902.355:76): pid=13409 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/182/bus" dev="sda1" ino=16373 res=1 errno=0
[  395.419038][ T8808] usb 3-1: Using ep0 maxpacket: 16
20:58:22 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  395.434050][   T12] usb 6-1: Using ep0 maxpacket: 8
20:58:22 executing program 0:
r0 = open(0x0, 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  395.474423][   T12] usb 6-1: no configurations
[  395.479277][   T12] usb 6-1: can't read configurations, error -22
20:58:22 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  395.573289][ T8808] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  395.603836][ T8808] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  395.617965][   T27] audit: type=1804 audit(1597265902.595:77): pid=13420 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/183/bus" dev="sda1" ino=16373 res=1 errno=0
[  395.662928][   T12] usb 6-1: new high-speed USB device number 81 using dummy_hcd
[  395.680529][ T8808] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  395.708125][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
20:58:22 executing program 0:
r0 = open(0x0, 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  395.745115][   T27] audit: type=1804 audit(1597265902.685:78): pid=13423 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/183/bus" dev="sda1" ino=16373 res=1 errno=0
[  395.748663][ T8808] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
20:58:22 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  395.919390][   T12] usb 6-1: Using ep0 maxpacket: 8
[  395.939307][   T27] audit: type=1804 audit(1597265902.915:79): pid=13435 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/184/bus" dev="sda1" ino=16373 res=1 errno=0
20:58:23 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  395.987016][   T12] usb 6-1: no configurations
[  395.991654][   T12] usb 6-1: can't read configurations, error -22
[  396.008870][   T12] usb usb6-port1: attempt power cycle
[  396.043331][ T8808] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  396.057311][ T8808] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.059666][   T27] audit: type=1804 audit(1597265903.035:80): pid=13438 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/184/bus" dev="sda1" ino=16373 res=1 errno=0
[  396.120700][ T8808] usb 3-1: Product: syz
[  396.144030][ T8808] usb 3-1: Manufacturer: syz
[  396.159938][ T8808] usb 3-1: SerialNumber: syz
[  396.673068][ T8808] cdc_ncm 3-1:1.0: bind() failure
[  396.703681][ T8808] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  396.723056][   T12] usb 6-1: new high-speed USB device number 82 using dummy_hcd
[  396.726904][ T8808] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  396.740836][ T8808] usb 3-1: USB disconnect, device number 44
[  396.822941][   T12] usb 6-1: Using ep0 maxpacket: 8
[  396.863952][   T12] usb 6-1: no configurations
[  396.868616][   T12] usb 6-1: can't read configurations, error -22
[  397.022852][   T12] usb 6-1: new high-speed USB device number 83 using dummy_hcd
[  397.113012][   T12] usb 6-1: Using ep0 maxpacket: 8
[  397.153100][   T12] usb 6-1: no configurations
[  397.157899][   T12] usb 6-1: can't read configurations, error -22
[  397.165755][   T12] usb usb6-port1: unable to enumerate USB device
[  397.732872][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
20:58:24 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef4200"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:24 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  398.322775][ T8236] usb 6-1: new high-speed USB device number 84 using dummy_hcd
20:58:25 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:25 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:25 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:25 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x0, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

20:58:25 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:25 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x0, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  398.535168][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
[  398.549475][   T27] audit: type=1804 audit(1597265905.525:81): pid=13476 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/185/bus" dev="sda1" ino=16368 res=1 errno=0
[  398.574312][ T8236] usb 6-1: Using ep0 maxpacket: 8
[  398.614007][ T8236] usb 6-1: no configurations
[  398.618644][ T8236] usb 6-1: can't read configurations, error -22
[  398.676624][   T27] audit: type=1804 audit(1597265905.615:82): pid=13485 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/185/bus" dev="sda1" ino=16368 res=1 errno=0
20:58:25 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x0, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

20:58:25 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:25 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x0, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  398.793147][   T17] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  398.813451][ T8236] usb 6-1: new high-speed USB device number 85 using dummy_hcd
20:58:25 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x0, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  398.929662][   T27] audit: type=1804 audit(1597265905.905:83): pid=13497 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/186/bus" dev="sda1" ino=16363 res=1 errno=0
[  399.004882][   T27] audit: type=1804 audit(1597265905.985:84): pid=13500 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/186/bus" dev="sda1" ino=16363 res=1 errno=0
[  399.074930][ T8236] usb 6-1: Using ep0 maxpacket: 8
[  399.082791][   T17] usb 3-1: Using ep0 maxpacket: 16
[  399.120705][ T8236] usb 6-1: no configurations
[  399.126468][ T8236] usb 6-1: can't read configurations, error -22
[  399.138033][ T8236] usb usb6-port1: attempt power cycle
[  399.232843][   T17] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  399.243069][   T17] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  399.255752][   T17] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  399.266893][   T17] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  399.472827][   T17] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  399.482130][   T17] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.491107][   T17] usb 3-1: Product: syz
[  399.495957][   T17] usb 3-1: Manufacturer: syz
[  399.500567][   T17] usb 3-1: SerialNumber: syz
[  399.852642][ T8236] usb 6-1: new high-speed USB device number 86 using dummy_hcd
[  399.942886][ T8236] usb 6-1: Using ep0 maxpacket: 8
[  399.982952][ T8236] usb 6-1: no configurations
[  399.988317][ T8236] usb 6-1: can't read configurations, error -22
[  400.002781][   T17] cdc_ncm 3-1:1.0: bind() failure
[  400.028681][   T17] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  400.053390][   T17] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  400.062998][   T17] usb 3-1: USB disconnect, device number 45
[  400.142626][ T8236] usb 6-1: new high-speed USB device number 87 using dummy_hcd
[  400.232966][ T8236] usb 6-1: Using ep0 maxpacket: 8
[  400.272721][ T8236] usb 6-1: no configurations
[  400.277564][ T8236] usb 6-1: can't read configurations, error -22
[  400.285309][ T8236] usb usb6-port1: unable to enumerate USB device
[  400.612643][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  400.620892][ T8236] Bluetooth: hci6: command tx timeout
20:58:27 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef4200"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:27 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  400.986018][   T27] audit: type=1804 audit(1597265907.965:85): pid=13527 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/187/bus" dev="sda1" ino=15857 res=1 errno=0
[  401.061315][   T27] audit: type=1804 audit(1597265908.035:86): pid=13528 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/187/bus" dev="sda1" ino=15857 res=1 errno=0
[  401.432537][ T8808] usb 6-1: new high-speed USB device number 88 using dummy_hcd
20:58:28 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:28 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x0, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

20:58:28 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:28 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:28 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(0x0, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:28 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

[  401.672576][ T8808] usb 6-1: Using ep0 maxpacket: 8
[  401.701070][   T27] audit: type=1804 audit(1597265908.675:87): pid=13546 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/188/bus" dev="sda1" ino=16034 res=1 errno=0
[  401.712779][ T8808] usb 6-1: no configurations
[  401.763177][ T8808] usb 6-1: can't read configurations, error -22
20:58:28 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:28 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(0x0, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  401.821283][   T27] audit: type=1804 audit(1597265908.745:88): pid=13550 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/188/bus" dev="sda1" ino=16034 res=1 errno=0
[  401.822624][ T8236] usb 3-1: new high-speed USB device number 46 using dummy_hcd
20:58:28 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:28 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, 0x0, &(0x7f00000002c0))
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x78}}, 0x0)

[  401.954812][ T8808] usb 6-1: new high-speed USB device number 89 using dummy_hcd
[  402.043528][   T27] audit: type=1804 audit(1597265909.015:89): pid=13563 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/189/bus" dev="sda1" ino=15745 res=1 errno=0
[  402.102938][   T27] audit: type=1804 audit(1597265909.075:90): pid=13564 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/189/bus" dev="sda1" ino=15745 res=1 errno=0
[  402.133402][ T8236] usb 3-1: Using ep0 maxpacket: 16
[  402.202636][ T8808] usb 6-1: Using ep0 maxpacket: 8
[  402.246999][ T8808] usb 6-1: no configurations
[  402.251744][ T8808] usb 6-1: can't read configurations, error -22
[  402.258496][ T8808] usb usb6-port1: attempt power cycle
[  402.272695][ T8236] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  402.283059][ T8236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  402.294047][ T8236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  402.303868][ T8236] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  402.507197][ T8236] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  402.522449][ T8236] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  402.530648][ T8236] usb 3-1: Product: syz
[  402.535252][ T8236] usb 3-1: Manufacturer: syz
[  402.539848][ T8236] usb 3-1: SerialNumber: syz
[  402.972439][ T8808] usb 6-1: new high-speed USB device number 90 using dummy_hcd
[  403.042705][ T8236] cdc_ncm 3-1:1.0: bind() failure
[  403.062849][ T8808] usb 6-1: Using ep0 maxpacket: 8
[  403.069179][ T8236] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  403.096884][ T8236] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  403.102653][ T8808] usb 6-1: no configurations
[  403.105562][ T8236] usb 3-1: USB disconnect, device number 46
[  403.108057][ T8808] usb 6-1: can't read configurations, error -22
[  403.272426][ T8808] usb 6-1: new high-speed USB device number 91 using dummy_hcd
[  403.363568][ T8808] usb 6-1: Using ep0 maxpacket: 8
[  403.402752][ T8808] usb 6-1: no configurations
[  403.407398][ T8808] usb 6-1: can't read configurations, error -22
[  403.418397][ T8808] usb usb6-port1: unable to enumerate USB device
[  403.652435][ T2545] Bluetooth: hci6: command 0xfc11 tx timeout
[  403.658595][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
20:58:30 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef4200000001"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:30 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, 0x0, &(0x7f00000002c0))
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x78}}, 0x0)

20:58:30 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(0x0, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:30 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:30 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

[  404.050792][   T27] audit: type=1804 audit(1597265911.025:91): pid=13600 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/190/bus" dev="sda1" ino=15857 res=1 errno=0
20:58:31 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:31 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, 0x0, &(0x7f00000002c0))
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x78}}, 0x0)

20:58:31 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  404.156941][   T27] audit: type=1804 audit(1597265911.135:92): pid=13602 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/190/bus" dev="sda1" ino=15857 res=1 errno=0
20:58:31 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  404.252524][ T8808] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  404.332401][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
[  404.355487][   T27] audit: type=1804 audit(1597265911.335:93): pid=13613 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/191/bus" dev="sda1" ino=15985 res=1 errno=0
20:58:31 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  404.422500][   T17] usb 6-1: new high-speed USB device number 92 using dummy_hcd
[  404.439102][   T27] audit: type=1804 audit(1597265911.415:94): pid=13616 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/191/bus" dev="sda1" ino=15985 res=1 errno=0
20:58:31 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  404.512468][ T8808] usb 3-1: Using ep0 maxpacket: 16
20:58:31 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  404.632986][ T8808] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  404.645517][ T8808] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  404.663553][ T8808] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  404.676866][   T27] audit: type=1804 audit(1597265911.655:95): pid=13626 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/192/bus" dev="sda1" ino=15860 res=1 errno=0
[  404.700873][   T17] usb 6-1: Using ep0 maxpacket: 8
[  404.706631][ T8808] usb 3-1: config 1 interface 1 altsetting 1 has an invalid endpoint with address 0x0, skipping
[  404.717830][ T8808] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  404.732644][   T27] audit: type=1804 audit(1597265911.715:96): pid=13627 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/192/bus" dev="sda1" ino=15860 res=1 errno=0
[  404.872772][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  404.880383][   T17] usb 6-1: can't read configurations, error -61
[  404.922488][ T8808] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  404.931630][ T8808] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.940734][ T8808] usb 3-1: Product: syz
[  404.946009][ T8808] usb 3-1: Manufacturer: syz
[  404.950617][ T8808] usb 3-1: SerialNumber: syz
[  405.032380][   T17] usb 6-1: new high-speed USB device number 93 using dummy_hcd
[  405.282424][   T17] usb 6-1: Using ep0 maxpacket: 8
[  405.472761][ T8808] cdc_ncm 3-1:1.0: bind() failure
[  405.499595][ T8808] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  405.506186][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  405.514233][   T17] usb 6-1: can't read configurations, error -61
[  405.520654][   T17] usb usb6-port1: attempt power cycle
[  405.542469][ T8808] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  405.550743][ T8808] usb 3-1: USB disconnect, device number 47
[  406.242369][   T17] usb 6-1: new high-speed USB device number 94 using dummy_hcd
[  406.352459][   T17] usb 6-1: Using ep0 maxpacket: 8
[  406.372309][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  406.572479][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  406.580077][   T17] usb 6-1: can't read configurations, error -61
[  406.742255][   T17] usb 6-1: new high-speed USB device number 95 using dummy_hcd
[  406.842833][   T17] usb 6-1: Using ep0 maxpacket: 8
20:58:33 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef4200000001"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:33 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:33 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:33 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:33 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:33 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  407.003890][   T17] usb 6-1: unable to read config index 0 descriptor/start: -71
[  407.011497][   T17] usb 6-1: can't read configurations, error -71
[  407.057207][   T17] usb usb6-port1: unable to enumerate USB device
[  407.150213][   T27] audit: type=1804 audit(1597265914.125:97): pid=13669 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/193/bus" dev="sda1" ino=16372 res=1 errno=0
20:58:34 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:34 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  407.291932][   T27] audit: type=1804 audit(1597265914.225:98): pid=13675 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/193/bus" dev="sda1" ino=16372 res=1 errno=0
20:58:34 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

20:58:34 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, 0x0, 0x0)

[  407.362418][ T8237] usb 3-1: new high-speed USB device number 48 using dummy_hcd
20:58:34 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, 0x0, 0x0)

[  407.440333][   T27] audit: type=1804 audit(1597265914.415:99): pid=13682 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/194/bus" dev="sda1" ino=16383 res=1 errno=0
20:58:34 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, 0x0, 0x0)

[  407.521937][   T27] audit: type=1804 audit(1597265914.495:100): pid=13685 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/194/bus" dev="sda1" ino=16383 res=1 errno=0
[  407.632323][ T8237] usb 3-1: Using ep0 maxpacket: 16
[  407.637623][   T17] usb 6-1: new high-speed USB device number 96 using dummy_hcd
[  407.772451][ T8237] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  407.782729][ T8237] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  407.794834][ T8237] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  407.805492][ T8237] usb 3-1: config 1 interface 1 altsetting 1 has an invalid endpoint with address 0x0, skipping
[  407.816793][ T8237] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  407.892619][   T17] usb 6-1: Using ep0 maxpacket: 8
[  408.032594][ T8237] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  408.041655][ T8237] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.050678][ T8237] usb 3-1: Product: syz
[  408.055501][ T8237] usb 3-1: Manufacturer: syz
[  408.060107][ T8237] usb 3-1: SerialNumber: syz
[  408.113634][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  408.121240][   T17] usb 6-1: can't read configurations, error -61
[  408.282155][   T17] usb 6-1: new high-speed USB device number 97 using dummy_hcd
[  408.542122][   T17] usb 6-1: Using ep0 maxpacket: 8
[  408.582289][ T8237] cdc_ncm 3-1:1.0: bind() failure
[  408.602609][ T8237] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  408.632708][ T8237] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  408.641620][ T8237] usb 3-1: USB disconnect, device number 48
[  408.722323][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  408.730126][   T17] usb 6-1: can't read configurations, error -61
[  408.737784][   T17] usb usb6-port1: attempt power cycle
[  409.172258][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  409.172345][ T8237] Bluetooth: hci6: command 0xfc11 tx timeout
[  409.472089][   T17] usb 6-1: new high-speed USB device number 98 using dummy_hcd
[  409.562134][   T17] usb 6-1: Using ep0 maxpacket: 8
[  409.732441][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  409.746756][   T17] usb 6-1: can't read configurations, error -61
[  409.902034][   T17] usb 6-1: new high-speed USB device number 99 using dummy_hcd
[  409.992313][   T17] usb 6-1: Using ep0 maxpacket: 8
20:58:37 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef4200000001"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:37 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:37 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

20:58:37 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:37 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:37 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  410.132125][   T17] usb 6-1: unable to read config index 0 descriptor/start: -71
[  410.149227][   T17] usb 6-1: can't read configurations, error -71
20:58:37 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

[  410.190259][   T17] usb usb6-port1: unable to enumerate USB device
[  410.270639][   T27] audit: type=1804 audit(1597265917.246:101): pid=13734 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/195/bus" dev="sda1" ino=16367 res=1 errno=0
20:58:37 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

20:58:37 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  410.351275][   T27] audit: type=1804 audit(1597265917.326:102): pid=13736 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/195/bus" dev="sda1" ino=16367 res=1 errno=0
20:58:37 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)

20:58:37 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)

20:58:37 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)

[  410.492129][ T8237] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  410.561388][   T27] audit: type=1804 audit(1597265917.536:103): pid=13746 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/196/bus" dev="sda1" ino=16383 res=1 errno=0
[  410.612058][   T17] usb 6-1: new high-speed USB device number 100 using dummy_hcd
[  410.636835][   T27] audit: type=1804 audit(1597265917.616:104): pid=13749 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/196/bus" dev="sda1" ino=16383 res=1 errno=0
[  410.742046][ T8237] usb 3-1: Using ep0 maxpacket: 16
[  410.852754][   T17] usb 6-1: Using ep0 maxpacket: 8
[  410.862114][ T8237] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  410.872600][ T8237] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  410.884488][ T8237] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  410.896446][ T8237] usb 3-1: config 1 interface 1 altsetting 1 has an invalid endpoint with address 0x0, skipping
[  410.907664][ T8237] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  410.934056][    T0] NOHZ: local_softirq_pending 08
[  410.939039][    T0] NOHZ: local_softirq_pending 08
[  411.012191][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  411.019924][   T17] usb 6-1: can't read configurations, error -61
[  411.072066][ T8237] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  411.081127][ T8237] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.093822][ T8237] usb 3-1: Product: syz
[  411.097996][ T8237] usb 3-1: Manufacturer: syz
[  411.105024][ T8237] usb 3-1: SerialNumber: syz
[  411.172143][   T17] usb 6-1: new high-speed USB device number 101 using dummy_hcd
[  411.412045][   T17] usb 6-1: Using ep0 maxpacket: 8
[  411.572095][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  411.579333][    T0] NOHZ: local_softirq_pending 08
[  411.583938][   T17] usb 6-1: can't read configurations, error -61
[  411.592300][   T17] usb usb6-port1: attempt power cycle
[  411.617793][ T8237] cdc_ncm 3-1:1.0: bind() failure
[  411.642063][ T8237] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  411.662241][ T8237] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  411.670365][ T8237] usb 3-1: USB disconnect, device number 49
[  412.211935][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  412.211956][ T8237] Bluetooth: hci6: command 0xfc11 tx timeout
[  412.311886][   T17] usb 6-1: new high-speed USB device number 102 using dummy_hcd
[  412.422068][   T17] usb 6-1: Using ep0 maxpacket: 8
[  412.592101][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  412.599688][   T17] usb 6-1: can't read configurations, error -61
[  412.751940][   T17] usb 6-1: new high-speed USB device number 103 using dummy_hcd
[  412.862233][   T17] usb 6-1: Using ep0 maxpacket: 8
[  413.032093][   T17] usb 6-1: unable to read config index 0 descriptor/start: -61
[  413.039767][   T17] usb 6-1: can't read configurations, error -61
[  413.050343][   T17] usb usb6-port1: unable to enumerate USB device
20:58:40 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef420000000109"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:40 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:40 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

20:58:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:40 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:40 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:40 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  413.285385][ T6858] Bluetooth: hci6: sending frame failed (-49)
20:58:40 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

[  413.380046][   T27] audit: type=1804 audit(1597265920.356:105): pid=13797 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/197/bus" dev="sda1" ino=16364 res=1 errno=0
20:58:40 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

[  413.461043][   T27] audit: type=1804 audit(1597265920.436:106): pid=13799 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/197/bus" dev="sda1" ino=16364 res=1 errno=0
[  413.502431][   T12] usb 3-1: new high-speed USB device number 50 using dummy_hcd
20:58:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:40 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x68, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}]}, 0x68}}, 0x0)

[  413.562122][ T2545] usb 6-1: new high-speed USB device number 104 using dummy_hcd
20:58:40 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x68, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}]}, 0x68}}, 0x0)

[  413.716945][   T27] audit: type=1804 audit(1597265920.696:107): pid=13811 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/198/bus" dev="sda1" ino=16366 res=1 errno=0
[  413.761837][   T12] usb 3-1: Using ep0 maxpacket: 16
[  413.803232][   T27] audit: type=1804 audit(1597265920.786:108): pid=13812 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/198/bus" dev="sda1" ino=16366 res=1 errno=0
[  413.827769][ T2545] usb 6-1: Using ep0 maxpacket: 8
[  413.881947][   T12] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  413.898090][   T12] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  413.920408][   T12] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  413.943777][   T12] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  413.960223][   T12] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  413.980022][   T12] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  413.997450][ T2545] usb 6-1: unable to read config index 0 descriptor/start: -61
[  414.005350][ T2545] usb 6-1: can't read configurations, error -61
[  414.162050][   T12] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  414.171184][ T2545] usb 6-1: new high-speed USB device number 105 using dummy_hcd
[  414.179247][   T12] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.187601][   T12] usb 3-1: Product: syz
[  414.192040][   T12] usb 3-1: Manufacturer: syz
[  414.196627][   T12] usb 3-1: SerialNumber: syz
[  414.411751][ T2545] usb 6-1: Using ep0 maxpacket: 8
[  414.571947][ T2545] usb 6-1: unable to read config index 0 descriptor/start: -61
[  414.579518][ T2545] usb 6-1: can't read configurations, error -61
[  414.587535][ T2545] usb usb6-port1: attempt power cycle
[  414.701941][   T12] cdc_ncm 3-1:1.0: bind() failure
[  414.722075][   T12] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  414.741903][   T12] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  414.750272][   T12] usb 3-1: USB disconnect, device number 50
[  415.311716][ T2545] usb 6-1: new high-speed USB device number 106 using dummy_hcd
[  415.331849][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  415.340211][ T8236] Bluetooth: hci6: command tx timeout
[  415.411951][ T2545] usb 6-1: Using ep0 maxpacket: 8
[  415.572537][ T2545] usb 6-1: unable to read config index 0 descriptor/start: -61
[  415.580138][ T2545] usb 6-1: can't read configurations, error -61
[  415.731886][ T2545] usb 6-1: new high-speed USB device number 107 using dummy_hcd
[  415.841744][ T2545] usb 6-1: Using ep0 maxpacket: 8
[  416.041745][ T2545] usb 6-1: unable to read config index 0 descriptor/start: -61
[  416.049451][ T2545] usb 6-1: can't read configurations, error -61
[  416.057626][ T2545] usb usb6-port1: unable to enumerate USB device
20:58:43 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef420000000109"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:43 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x68, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}]}, 0x68}}, 0x0)

20:58:43 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:43 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:43 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:43 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:43 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8}]}, 0x70}}, 0x0)

[  416.344165][  T198] Bluetooth: hci6: Frame reassembly failed (-84)
[  416.421650][   T27] audit: type=1804 audit(1597265923.396:109): pid=13856 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/199/bus" dev="sda1" ino=16368 res=1 errno=0
[  416.487882][   T27] audit: type=1804 audit(1597265923.466:110): pid=13859 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/199/bus" dev="sda1" ino=16368 res=1 errno=0
20:58:43 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8}]}, 0x70}}, 0x0)

20:58:43 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:43 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8}]}, 0x70}}, 0x0)

[  416.591616][ T8130] usb 3-1: new high-speed USB device number 51 using dummy_hcd
20:58:43 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINK={0x8, 0x5, r4}]}, 0x28}}, 0x0)

[  416.678701][   T12] usb 6-1: new high-speed USB device number 108 using dummy_hcd
[  416.706406][   T27] audit: type=1804 audit(1597265923.686:111): pid=13868 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/200/bus" dev="sda1" ino=16383 res=1 errno=0
20:58:43 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  416.780130][   T27] audit: type=1804 audit(1597265923.756:112): pid=13869 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/200/bus" dev="sda1" ino=16383 res=1 errno=0
[  416.851686][ T8130] usb 3-1: Using ep0 maxpacket: 16
[  416.947697][   T27] audit: type=1804 audit(1597265923.926:113): pid=13874 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/201/bus" dev="sda1" ino=16371 res=1 errno=0
[  416.976732][   T12] usb 6-1: Using ep0 maxpacket: 8
[  416.983408][ T8130] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  416.995032][ T8130] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  417.007717][ T8130] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.017833][   T27] audit: type=1804 audit(1597265923.986:114): pid=13875 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/201/bus" dev="sda1" ino=16371 res=1 errno=0
[  417.050128][ T8130] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  417.060142][ T8130] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  417.075893][ T8130] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  417.171796][   T12] usb 6-1: unable to read config index 0 descriptor/start: -61
[  417.179396][   T12] usb 6-1: can't read configurations, error -61
[  417.241907][ T8130] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  417.251066][ T8130] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.259273][ T8130] usb 3-1: Product: syz
[  417.263544][ T8130] usb 3-1: Manufacturer: syz
[  417.268130][ T8130] usb 3-1: SerialNumber: syz
[  417.351804][   T12] usb 6-1: new high-speed USB device number 109 using dummy_hcd
[  417.641560][   T12] usb 6-1: Using ep0 maxpacket: 8
[  417.771724][ T8130] cdc_ncm 3-1:1.0: bind() failure
[  417.791760][ T8130] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  417.811719][ T8130] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  417.820230][ T8130] usb 3-1: USB disconnect, device number 51
[  417.832169][   T12] usb 6-1: unable to read config index 0 descriptor/start: -61
[  417.847518][   T12] usb 6-1: can't read configurations, error -61
[  417.859460][   T12] usb usb6-port1: attempt power cycle
[  418.381566][ T2545] Bluetooth: hci6: command 0xfc11 tx timeout
[  418.381649][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  418.591510][   T12] usb 6-1: new high-speed USB device number 110 using dummy_hcd
[  418.692947][   T12] usb 6-1: Using ep0 maxpacket: 8
[  418.872517][   T12] usb 6-1: unable to read config index 0 descriptor/start: -61
[  418.880143][   T12] usb 6-1: can't read configurations, error -61
[  419.031489][   T12] usb 6-1: new high-speed USB device number 111 using dummy_hcd
[  419.122683][   T12] usb 6-1: Using ep0 maxpacket: 8
20:58:46 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef420000000109"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:46 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINK={0x8, 0x5, r4}]}, 0x28}}, 0x0)

20:58:46 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:46 executing program 4:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:46 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:46 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  419.291730][   T12] usb 6-1: unable to read config index 0 descriptor/start: -61
[  419.299322][   T12] usb 6-1: can't read configurations, error -61
[  419.307357][   T12] usb usb6-port1: unable to enumerate USB device
20:58:46 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINK={0x8, 0x5, r4}]}, 0x28}}, 0x0)

20:58:46 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x6c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x34, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x6c}}, 0x0)

[  419.560069][   T27] audit: type=1804 audit(1597265926.526:115): pid=13921 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/202/bus" dev="sda1" ino=16368 res=1 errno=0
20:58:46 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:46 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x6c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x34, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x6c}}, 0x0)

[  419.661799][   T27] audit: type=1804 audit(1597265926.626:116): pid=13924 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/202/bus" dev="sda1" ino=16368 res=1 errno=0
[  419.671518][   T23] usb 3-1: new high-speed USB device number 52 using dummy_hcd
20:58:46 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x6c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x34, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x6c}}, 0x0)

20:58:46 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x48}}, 0x0)

[  419.761881][ T8130] usb 6-1: new high-speed USB device number 112 using dummy_hcd
[  419.857780][   T27] audit: type=1804 audit(1597265926.826:117): pid=13932 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/203/bus" dev="sda1" ino=16368 res=1 errno=0
[  419.941585][   T23] usb 3-1: Using ep0 maxpacket: 16
[  419.988607][   T27] audit: type=1804 audit(1597265926.886:118): pid=13933 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/203/bus" dev="sda1" ino=16368 res=1 errno=0
[  420.011438][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  420.061966][   T23] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  420.082463][   T23] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.111306][   T23] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  420.122687][   T23] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  420.133930][   T23] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  420.145035][   T23] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  420.171751][ T8130] usb 6-1: unable to read config index 0 descriptor/start: -61
[  420.179469][ T8130] usb 6-1: can't read configurations, error -61
[  420.311593][   T23] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  420.320669][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.328883][   T23] usb 3-1: Product: syz
[  420.333177][ T8130] usb 6-1: new high-speed USB device number 113 using dummy_hcd
[  420.340906][   T23] usb 3-1: Manufacturer: syz
[  420.345616][   T23] usb 3-1: SerialNumber: syz
[  420.571415][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  420.731428][ T8130] usb 6-1: unable to read config index 0 descriptor/start: -61
[  420.739089][ T8130] usb 6-1: can't read configurations, error -61
[  420.746707][ T8130] usb usb6-port1: attempt power cycle
[  420.851576][   T23] cdc_ncm 3-1:1.0: bind() failure
[  420.881599][   T23] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  420.901578][   T23] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  420.910483][   T23] usb 3-1: USB disconnect, device number 52
[  421.461379][ T8130] usb 6-1: new high-speed USB device number 114 using dummy_hcd
[  421.491330][ T8236] Bluetooth: hci6: command 0xfc11 tx timeout
[  421.491358][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  421.551454][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  421.711377][ T8130] usb 6-1: unable to read config index 0 descriptor/start: -61
[  421.719054][ T8130] usb 6-1: can't read configurations, error -61
[  421.871306][ T8130] usb 6-1: new high-speed USB device number 115 using dummy_hcd
[  421.961499][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  422.121674][ T8130] usb 6-1: unable to read config index 0 descriptor/start: -61
[  422.129250][ T8130] usb 6-1: can't read configurations, error -61
[  422.136003][ T8130] usb usb6-port1: unable to enumerate USB device
20:58:49 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:49 executing program 4:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:49 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(0x0, 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:49 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x48}}, 0x0)

20:58:49 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:49 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:49 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x48}}, 0x0)

[  422.554373][   T27] audit: type=1804 audit(1597265929.526:119): pid=13967 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/204/bus" dev="sda1" ino=16367 res=1 errno=0
20:58:49 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(0x0, 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:49 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x64}}, 0x0)

[  422.657941][   T27] audit: type=1804 audit(1597265929.566:120): pid=13967 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/204/bus" dev="sda1" ino=16367 res=1 errno=0
20:58:49 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x64}}, 0x0)

20:58:49 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(0x0, 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  422.749585][   T27] audit: type=1804 audit(1597265929.716:121): pid=13987 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/205/bus" dev="sda1" ino=16383 res=1 errno=0
20:58:49 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x64}}, 0x0)

[  422.792180][   T12] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  422.838524][   T27] audit: type=1804 audit(1597265929.716:122): pid=13987 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/205/bus" dev="sda1" ino=16383 res=1 errno=0
[  422.885693][   T27] audit: type=1804 audit(1597265929.806:123): pid=13991 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/206/bus" dev="sda1" ino=16383 res=1 errno=0
[  422.916525][   T27] audit: type=1804 audit(1597265929.806:124): pid=13991 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/206/bus" dev="sda1" ino=16383 res=1 errno=0
[  422.949825][ T2545] usb 6-1: new high-speed USB device number 116 using dummy_hcd
[  423.051278][   T12] usb 3-1: Using ep0 maxpacket: 16
[  423.191514][   T12] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  423.201833][ T2545] usb 6-1: Using ep0 maxpacket: 8
[  423.207021][   T12] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  423.218030][   T12] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  423.229627][   T12] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  423.240342][   T12] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  423.337842][ T2545] usb 6-1: config 0 has no interfaces?
[  423.343929][ T2545] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  423.362156][ T2545] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.378332][ T2545] usb 6-1: config 0 descriptor??
[  423.435657][   T12] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  423.445828][   T12] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.455878][   T12] usb 3-1: Product: syz
[  423.460110][   T12] usb 3-1: Manufacturer: syz
[  423.465642][   T12] usb 3-1: SerialNumber: syz
[  423.646235][ T8130] usb 6-1: USB disconnect, device number 116
[  423.733515][T13966] raw-gadget gadget: fail, usb_ep_enable returned -22
[  423.991340][   T12] cdc_ncm 3-1:1.0: bind() failure
[  424.011389][   T12] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  424.041347][   T12] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  424.050324][   T12] usb 3-1: USB disconnect, device number 53
20:58:51 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:51 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:51 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x64}}, 0x0)

20:58:51 executing program 4:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  424.253028][   T27] audit: type=1804 audit(1597265931.226:125): pid=14025 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/207/bus" dev="sda1" ino=16363 res=1 errno=0
[  424.296979][   T27] audit: type=1804 audit(1597265931.226:126): pid=14025 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/207/bus" dev="sda1" ino=16363 res=1 errno=0
[  424.333294][   T27] audit: type=1804 audit(1597265931.226:127): pid=14025 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/207/bus" dev="sda1" ino=16363 res=1 errno=0
20:58:51 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

[  424.511219][ T2545] usb 6-1: new high-speed USB device number 117 using dummy_hcd
[  424.611218][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  424.751156][ T2545] usb 6-1: Using ep0 maxpacket: 8
[  424.791202][ T7291] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  424.881287][ T2545] usb 6-1: config 0 has no interfaces?
[  424.886925][ T2545] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  424.897432][ T2545] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.906968][ T2545] usb 6-1: config 0 descriptor??
[  425.041218][ T7291] usb 3-1: Using ep0 maxpacket: 16
20:58:52 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:52 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x64}}, 0x0)

20:58:52 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:52 executing program 4:
perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  425.165020][ T2545] usb 6-1: USB disconnect, device number 117
[  425.171654][ T7291] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  425.197337][ T7291] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
20:58:52 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x64}}, 0x0)

[  425.223854][ T7291] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.240177][   T27] audit: type=1804 audit(1597265932.207:128): pid=14052 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/208/bus" dev="sda1" ino=16365 res=1 errno=0
20:58:52 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  425.268112][ T7291] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  425.283732][ T7291] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
20:58:52 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

[  425.452479][ T7291] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  425.469659][ T7291] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.500926][ T7291] usb 3-1: Product: syz
[  425.518950][ T7291] usb 3-1: Manufacturer: syz
[  425.536274][ T7291] usb 3-1: SerialNumber: syz
20:58:52 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:52 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:52 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

20:58:52 executing program 4:
perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  425.796893][T14032] raw-gadget gadget: fail, usb_ep_enable returned -22
[  426.061188][ T8236] usb 6-1: new high-speed USB device number 118 using dummy_hcd
[  426.061329][ T7291] cdc_ncm 3-1:1.0: bind() failure
[  426.101403][ T7291] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  426.123498][ T7291] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  426.132793][ T7291] usb 3-1: USB disconnect, device number 54
[  426.321051][ T8236] usb 6-1: Using ep0 maxpacket: 8
20:58:53 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

[  426.441635][ T8236] usb 6-1: config 0 has no interfaces?
[  426.447210][ T8236] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  426.458872][ T8236] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.468650][ T8236] usb 6-1: config 0 descriptor??
[  426.716958][ T7291] usb 6-1: USB disconnect, device number 118
[  426.851062][ T8130] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  427.111344][ T8130] usb 3-1: Using ep0 maxpacket: 16
[  427.241373][ T8130] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  427.251699][ T8130] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  427.263380][ T8130] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  427.273354][ T8130] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  427.283673][ T8130] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  427.331149][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  427.461149][ T8130] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  427.470214][ T8130] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.478421][ T8130] usb 3-1: Product: syz
[  427.482822][ T8130] usb 3-1: Manufacturer: syz
[  427.487416][ T8130] usb 3-1: SerialNumber: syz
[  427.733688][T14103] raw-gadget gadget: fail, usb_ep_enable returned -22
20:58:54 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:54 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

20:58:54 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:54 executing program 4:
perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:54 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:55 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

[  427.938526][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  427.938543][   T27] audit: type=1804 audit(1597265934.907:136): pid=14123 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/211/bus" dev="sda1" ino=16369 res=1 errno=0
20:58:55 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  427.991553][  T198] Bluetooth: hci6: Frame reassembly failed (-84)
[  428.011196][ T8130] cdc_ncm 3-1:1.0: bind() failure
[  428.018463][   T27] audit: type=1804 audit(1597265934.907:137): pid=14123 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/211/bus" dev="sda1" ino=16369 res=1 errno=0
[  428.051422][ T8130] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  428.081130][ T8130] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  428.098303][ T8130] usb 3-1: USB disconnect, device number 55
20:58:55 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

20:58:55 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x0)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  428.205542][   T27] audit: type=1804 audit(1597265935.177:138): pid=14150 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/212/bus" dev="sda1" ino=16367 res=1 errno=0
[  428.240998][ T8236] usb 6-1: new high-speed USB device number 119 using dummy_hcd
20:58:55 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

[  428.290963][   T27] audit: type=1804 audit(1597265935.177:139): pid=14150 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/212/bus" dev="sda1" ino=16367 res=1 errno=0
20:58:55 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x64}}, 0x0)

[  428.369837][   T27] audit: type=1804 audit(1597265935.337:140): pid=14154 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/213/bus" dev="sda1" ino=16367 res=1 errno=0
[  428.428412][   T27] audit: type=1804 audit(1597265935.377:141): pid=14154 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/213/bus" dev="sda1" ino=16367 res=1 errno=0
20:58:55 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

[  428.491105][ T8236] usb 6-1: Using ep0 maxpacket: 8
[  428.611291][ T8236] usb 6-1: config 0 has no interfaces?
[  428.616909][ T8236] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  428.627307][ T8236] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.636927][ T8236] usb 6-1: config 0 descriptor??
[  428.850999][   T17] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  428.883973][ T8236] usb 6-1: USB disconnect, device number 119
[  429.120943][   T17] usb 3-1: Using ep0 maxpacket: 16
[  429.265072][   T17] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  429.275715][   T17] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  429.288359][   T17] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  429.298928][   T17] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  429.309650][   T17] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  429.501151][   T17] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  429.510312][   T17] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.519598][   T17] usb 3-1: Product: syz
[  429.524471][   T17] usb 3-1: Manufacturer: syz
[  429.529144][   T17] usb 3-1: SerialNumber: syz
[  429.784349][T14160] raw-gadget gadget: fail, usb_ep_enable returned -22
[  430.060901][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  430.060920][ T8130] Bluetooth: hci6: command 0xfc11 tx timeout
[  430.061079][   T17] cdc_ncm 3-1:1.0: bind() failure
[  430.121028][   T17] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  430.142263][   T17] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  430.151631][   T17] usb 3-1: USB disconnect, device number 56
20:58:57 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:58:57 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x0)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:57 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:58:57 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x64}}, 0x0)

20:58:57 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:58:57 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:58:57 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x0)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  430.678958][   T27] audit: type=1804 audit(1597265937.647:142): pid=14198 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/214/bus" dev="sda1" ino=15953 res=1 errno=0
20:58:57 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x64}}, 0x0)

[  430.734809][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
20:58:57 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

[  430.780341][   T27] audit: type=1804 audit(1597265937.657:143): pid=14198 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/214/bus" dev="sda1" ino=15953 res=1 errno=0
[  430.847454][   T27] audit: type=1804 audit(1597265937.817:144): pid=14213 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/215/bus" dev="sda1" ino=15906 res=1 errno=0
20:58:57 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:58:57 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

[  430.900875][   T23] usb 6-1: new high-speed USB device number 120 using dummy_hcd
[  430.943993][   T27] audit: type=1804 audit(1597265937.817:145): pid=14213 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/215/bus" dev="sda1" ino=15906 res=1 errno=0
[  430.970914][ T2545] usb 3-1: new high-speed USB device number 57 using dummy_hcd
20:58:58 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x70}}, 0x0)

[  431.191110][   T23] usb 6-1: Using ep0 maxpacket: 8
[  431.210838][ T2545] usb 3-1: Using ep0 maxpacket: 16
[  431.330972][ T2545] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  431.341208][   T23] usb 6-1: config 0 has no interfaces?
[  431.341242][   T23] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  431.341258][   T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.345233][   T23] usb 6-1: config 0 descriptor??
[  431.346901][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  431.403389][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  431.416565][ T2545] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  431.426607][ T2545] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  431.590913][ T2545] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  431.600079][ T2545] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.608585][ T2545] usb 3-1: Product: syz
[  431.611101][   T23] usb 6-1: USB disconnect, device number 120
[  431.613200][ T2545] usb 3-1: Manufacturer: syz
[  431.623747][ T2545] usb 3-1: SerialNumber: syz
[  431.883424][T14203] raw-gadget gadget: fail, usb_ep_enable returned -22
[  432.052737][    T0] NOHZ: local_softirq_pending 08
[  432.057736][    T0] NOHZ: local_softirq_pending 08
[  432.140964][ T2545] cdc_ncm 3-1:1.0: bind() failure
[  432.171077][ T2545] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  432.191344][ T2545] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  432.201212][ T2545] usb 3-1: USB disconnect, device number 57
[  432.770782][ T2545] Bluetooth: hci6: command 0xfc11 tx timeout
[  432.776536][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
20:59:00 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:59:00 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x68, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x30, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x68}}, 0x0)

20:59:00 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:00 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:00 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:59:00 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:59:00 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x68, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x30, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x68}}, 0x0)

[  433.422541][   T27] kauditd_printk_skb: 2 callbacks suppressed
[  433.422556][   T27] audit: type=1804 audit(1597265940.397:148): pid=14269 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/217/bus" dev="sda1" ino=16290 res=1 errno=0
[  433.538351][   T27] audit: type=1804 audit(1597265940.487:149): pid=14278 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/217/bus" dev="sda1" ino=16290 res=1 errno=0
20:59:00 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x68, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x30, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x68}}, 0x0)

20:59:00 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  433.650685][ T2545] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  433.660760][ T7291] usb 6-1: new high-speed USB device number 121 using dummy_hcd
[  433.709361][   T27] audit: type=1804 audit(1597265940.677:150): pid=14285 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/218/bus" dev="sda1" ino=16290 res=1 errno=0
20:59:00 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@ipv6_delroute={0x28, 0x19, 0x1, 0x0, 0x0, {}, [@RTA_MULTIPATH={0xc}]}, 0x28}}, 0x0)

20:59:00 executing program 1:
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = socket(0x11, 0x800000003, 0x0)
bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0x8001}]}}]}, 0x40}}, 0x0)

20:59:00 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  433.785422][   T27] audit: type=1804 audit(1597265940.757:151): pid=14286 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/218/bus" dev="sda1" ino=16290 res=1 errno=0
[  433.900738][ T7291] usb 6-1: Using ep0 maxpacket: 8
[  433.905898][ T2545] usb 3-1: Using ep0 maxpacket: 16
[  434.060779][ T7291] usb 6-1: config 0 has no interfaces?
[  434.066441][ T2545] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  434.076630][ T7291] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  434.087831][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  434.099526][ T7291] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.108229][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  434.119229][ T2545] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  434.129710][ T7291] usb 6-1: config 0 descriptor??
[  434.141880][ T2545] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  434.340736][ T2545] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  434.349899][ T2545] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.358388][ T2545] usb 3-1: Product: syz
[  434.362997][ T2545] usb 3-1: Manufacturer: syz
[  434.367666][ T2545] usb 3-1: SerialNumber: syz
[  434.399911][   T17] usb 6-1: USB disconnect, device number 121
[  434.613025][T14262] raw-gadget gadget: fail, usb_ep_enable returned -22
[  434.870733][ T2545] cdc_ncm 3-1:1.0: bind() failure
[  434.890921][ T2545] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  434.921299][ T2545] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  434.934491][ T2545] usb 3-1: USB disconnect, device number 58
[  435.490599][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  435.490606][ T8236] Bluetooth: hci6: command 0xfc11 tx timeout
20:59:03 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:59:03 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:03 executing program 1:
rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000080))

20:59:03 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:03 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(0xffffffffffffffff, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:59:03 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:59:03 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PRIMARY={0x8}]}}}]}, 0x3c}}, 0x0)

[  436.092458][   T27] audit: type=1804 audit(1597265943.067:152): pid=14332 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/219/bus" dev="sda1" ino=16372 res=1 errno=0
20:59:03 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  436.205658][   T27] audit: type=1804 audit(1597265943.147:153): pid=14341 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/219/bus" dev="sda1" ino=16372 res=1 errno=0
[  436.286550][T14348] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  436.321877][T14354] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  436.343809][   T23] usb 6-1: new high-speed USB device number 122 using dummy_hcd
20:59:03 executing program 1:
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0)
socket$inet6(0xa, 0x3, 0x7)
recvmmsg(0xffffffffffffffff, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
dup(0xffffffffffffffff)
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000600)={<r3=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0x7fffffff, 0x0)
connect$bt_sco(r3, &(0x7f00000000c0)={0x1f, @none}, 0x8)
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r4 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
fallocate(r4, 0x0, 0x0, 0x8020001)

[  436.400628][   T17] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  436.415271][   T27] audit: type=1804 audit(1597265943.387:154): pid=14355 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/220/bus" dev="sda1" ino=16383 res=1 errno=0
20:59:03 executing program 1:
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0)
socket$inet6(0xa, 0x3, 0x7)
recvmmsg(0xffffffffffffffff, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
dup(0xffffffffffffffff)
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000600)={<r3=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0x7fffffff, 0x0)
connect$bt_sco(r3, &(0x7f00000000c0)={0x1f, @none}, 0x8)
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r4 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
fallocate(r4, 0x0, 0x0, 0x8020001)

20:59:03 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  436.501672][   T27] audit: type=1804 audit(1597265943.477:155): pid=14358 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/220/bus" dev="sda1" ino=16383 res=1 errno=0
[  436.528458][    C1] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[  436.590477][   T23] usb 6-1: Using ep0 maxpacket: 8
20:59:03 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  436.624052][   T27] audit: type=1804 audit(1597265943.597:156): pid=14363 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/221/bus" dev="sda1" ino=16383 res=1 errno=0
[  436.671085][   T17] usb 3-1: Using ep0 maxpacket: 16
[  436.710766][   T23] usb 6-1: config 0 has no interfaces?
[  436.716727][   T23] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  436.719901][   T27] audit: type=1804 audit(1597265943.687:157): pid=14367 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/221/bus" dev="sda1" ino=16383 res=1 errno=0
[  436.745249][   T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.777511][   T23] usb 6-1: config 0 descriptor??
[  436.797026][   T17] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  436.827119][   T17] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  436.864759][   T17] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  436.890120][   T17] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  436.914117][   T17] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  437.086241][ T2545] usb 6-1: USB disconnect, device number 122
[  437.100573][   T17] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  437.114271][   T17] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.128533][   T17] usb 3-1: Product: syz
[  437.133213][   T17] usb 3-1: Manufacturer: syz
[  437.142878][   T17] usb 3-1: SerialNumber: syz
[  437.393901][T14337] raw-gadget gadget: fail, usb_ep_enable returned -22
[  437.650526][   T17] cdc_ncm 3-1:1.0: bind() failure
[  437.680599][   T17] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  437.700694][   T17] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  437.722440][   T17] usb 3-1: USB disconnect, device number 59
[  438.290593][ T8236] Bluetooth: hci6: command 0xfc11 tx timeout
[  438.290668][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
20:59:05 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:59:05 executing program 1:
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000dccd5e08cb060900be5c000000010902240001000000000904340102d46def0009058acfe2368f7d940000000071222cbe0e00411fe50fa89e3f4392f6f1d11ba5b30000008000dbfb344205ba17c1d93ed7bd10a8b6d7adba06000000000000004e74a5a700828dc85041107a89c023591f4ccf82642ba5f0c233e0a3ce0a0f321a20d461a0cc78006ba18d00bd9a006c7d44edc6e040cf780c14fc3a792bc4d9f2bcda0fcbdb3a7aa6027501002832eb58bf50564798930c3f6e7a36c35c1a5e3f733ea465521aa0a75390fe18f80820cb71f40b195354818efa85ecdb5824c252988784ffff5b8db215cfcddb6922b8cd731b2eaef557e2bb565766d5d7d04663466f6330f8462edbf2ed84a6dfedc5d1646fb45e8f5184cfcd0a3027d6edb4d433d19d06d737f9ae7523626dddecf93fde183497d6cdfa8d281ddc"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x4, 0x24002)

20:59:05 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x0)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:05 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:05 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(0xffffffffffffffff, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:59:05 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

[  438.962284][   T27] audit: type=1804 audit(1597265945.937:158): pid=14416 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/222/bus" dev="sda1" ino=16357 res=1 errno=0
[  439.066581][   T27] audit: type=1804 audit(1597265946.027:159): pid=14427 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/222/bus" dev="sda1" ino=16357 res=1 errno=0
20:59:06 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x0)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  439.150462][   T23] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  439.180477][ T8236] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  439.200472][ T2545] usb 6-1: new high-speed USB device number 123 using dummy_hcd
[  439.234227][   T27] audit: type=1804 audit(1597265946.207:160): pid=14429 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/223/bus" dev="sda1" ino=16379 res=1 errno=0
20:59:06 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x0)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  439.303877][   T27] audit: type=1804 audit(1597265946.277:161): pid=14430 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/223/bus" dev="sda1" ino=16379 res=1 errno=0
[  439.386650][   T27] audit: type=1804 audit(1597265946.357:162): pid=14432 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/224/bus" dev="sda1" ino=16379 res=1 errno=0
[  439.390441][   T23] usb 3-1: Using ep0 maxpacket: 16
20:59:06 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x0, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  439.450522][ T8236] usb 2-1: Using ep0 maxpacket: 8
[  439.467506][   T27] audit: type=1804 audit(1597265946.437:163): pid=14433 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/224/bus" dev="sda1" ino=16379 res=1 errno=0
[  439.492410][ T2545] usb 6-1: Using ep0 maxpacket: 8
[  439.540690][   T23] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  439.556754][   T23] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.578130][   T23] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  439.589409][   T23] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  439.600690][   T23] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  439.636617][   T27] audit: type=1804 audit(1597265946.607:164): pid=14436 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/225/bus" dev="sda1" ino=16379 res=1 errno=0
[  439.637294][ T8236] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[  439.669312][ T8236] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
20:59:06 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  439.686837][   T27] audit: type=1804 audit(1597265946.657:165): pid=14436 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/225/bus" dev="sda1" ino=16379 res=1 errno=0
[  439.690692][ T2545] usb 6-1: config 0 has no interfaces?
[  439.715775][ T8236] usb 2-1: config 0 has no interface number 0
[  439.722360][ T8236] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 143, changing to 11
20:59:06 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x0, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  439.750303][ T2545] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  439.759628][ T2545] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.768044][ T8236] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 1762, setting to 1024
[  439.781767][ T2545] usb 6-1: config 0 descriptor??
[  439.787406][ T8236] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  439.792794][   T23] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  439.806901][ T8236] usb 2-1: config 0 interface 52 has no altsetting 0
[  439.816351][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.821901][ T8236] usb 2-1: New USB device found, idVendor=06cb, idProduct=0009, bcdDevice=5c.be
[  439.842855][   T23] usb 3-1: Product: syz
[  439.851640][ T8236] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.858908][   T23] usb 3-1: Manufacturer: syz
[  439.874821][   T23] usb 3-1: SerialNumber: syz
[  439.879221][ T8236] usb 2-1: config 0 descriptor??
[  439.910807][T14408] raw-gadget gadget: fail, usb_ep_enable returned -22
[  440.038299][ T8236] usb 6-1: USB disconnect, device number 123
[  440.047634][   T27] audit: type=1804 audit(1597265947.017:166): pid=14456 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/226/bus" dev="sda1" ino=16356 res=1 errno=0
20:59:07 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x0, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  440.118492][   T27] audit: type=1804 audit(1597265947.017:167): pid=14456 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/226/bus" dev="sda1" ino=16356 res=1 errno=0
[  440.151616][T14406] raw-gadget gadget: fail, usb_ep_enable returned -22
[  440.410460][   T23] cdc_ncm 3-1:1.0: bind() failure
[  440.432271][   T23] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  440.454791][   T23] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  440.467956][   T23] usb 3-1: USB disconnect, device number 60
[  441.010345][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  441.011149][ T8236] Bluetooth: hci6: command 0xfc11 tx timeout
20:59:08 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(0xffffffffffffffff, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:59:08 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
faccessat(0xffffffffffffffff, 0x0, 0x0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
r1 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x2, 0x10000)
ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f0000000180)={0x2, 0x3, 0x600000})
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast1}}, 0x1c)
syz_open_procfs(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x82, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r4, &(0x7f0000000000)={0x23, 0x3, 0x0, {0x0, 0x2, 0x0, '*+'}}, 0x23)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f0000000080)={0x1, 0x401, 0x1})
sendto$inet6(r3, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
splice(r3, 0x0, r2, 0x0, 0x7fffffff, 0x0)
sendto$packet(r3, &(0x7f0000000340), 0xfffffffffffffd4d, 0x0, 0x0, 0x0)

20:59:08 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x0, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:08 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, 0x0, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:08 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:59:08 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

[  441.830207][   T12] usb 6-1: new high-speed USB device number 124 using dummy_hcd
[  441.845165][   T23] usb 2-1: USB disconnect, device number 18
20:59:08 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, 0x0, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:09 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, 0x0, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:09 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x0, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  442.090207][   T12] usb 6-1: Using ep0 maxpacket: 8
20:59:09 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  442.210545][   T12] usb 6-1: config 0 has no interfaces?
[  442.214626][ T8237] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  442.220679][   T12] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  442.266896][   T12] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.299510][   T12] usb 6-1: config 0 descriptor??
20:59:09 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x0, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  442.470226][ T8237] usb 3-1: Using ep0 maxpacket: 16
[  442.561892][   T12] usb 6-1: USB disconnect, device number 124
[  442.590449][ T8237] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
20:59:09 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  442.623015][ T8237] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  442.648365][ T8237] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.661111][ T8237] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  442.671487][ T8237] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  442.840515][ T8237] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  442.851557][ T8237] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  442.859896][ T8237] usb 3-1: Product: syz
[  442.868789][ T8237] usb 3-1: Manufacturer: syz
[  442.874071][ T8237] usb 3-1: SerialNumber: syz
20:59:10 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

20:59:10 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
faccessat(0xffffffffffffffff, 0x0, 0x0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
r1 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x2, 0x10000)
ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f0000000180)={0x2, 0x3, 0x600000})
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast1}}, 0x1c)
syz_open_procfs(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x82, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r4, &(0x7f0000000000)={0x23, 0x3, 0x0, {0x0, 0x2, 0x0, '*+'}}, 0x23)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f0000000080)={0x1, 0x401, 0x1})
sendto$inet6(r3, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
splice(r3, 0x0, r2, 0x0, 0x7fffffff, 0x0)
sendto$packet(r3, &(0x7f0000000340), 0xfffffffffffffd4d, 0x0, 0x0, 0x0)

20:59:10 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  443.129708][T14503] raw-gadget gadget: fail, usb_ep_enable returned -22
20:59:10 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  443.400695][ T8237] cdc_ncm 3-1:1.0: bind() failure
[  443.427878][ T8130] usb 6-1: new high-speed USB device number 125 using dummy_hcd
[  443.462974][ T8237] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  443.491741][ T8237] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  443.507165][ T8237] usb 3-1: USB disconnect, device number 61
[  443.690121][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  443.810351][ T8130] usb 6-1: config 0 has no interfaces?
[  443.816117][ T8130] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  443.825665][ T8130] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.835684][ T8130] usb 6-1: config 0 descriptor??
[  444.050166][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  444.083661][ T8237] usb 6-1: USB disconnect, device number 125
20:59:11 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:11 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:59:11 executing program 1:
r0 = socket$qrtr(0x2a, 0x2, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup2(r1, r0)

20:59:11 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='htcp\x00', 0x5)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000003c0), 0x4)
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x2bcf)
shutdown(r0, 0x1)
recvmsg(r0, &(0x7f0000001440)={0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4096, 0xf99e}], 0x1, 0x0, 0xff96ce4aaaa47475, 0x7115}, 0x100)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$HIDIOCGREPORT(0xffffffffffffffff, 0x400c4807, &(0x7f0000000180)={0x0, 0x100, 0xff})

20:59:11 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

[  444.783414][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  444.783427][   T27] audit: type=1804 audit(1597265951.758:182): pid=14610 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/234/bus" dev="sda1" ino=16357 res=1 errno=0
[  444.876599][   T27] audit: type=1804 audit(1597265951.798:183): pid=14610 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/234/bus" dev="sda1" ino=16357 res=1 errno=0
[  444.970093][   T12] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  445.050034][   T23] usb 6-1: new high-speed USB device number 126 using dummy_hcd
[  445.240265][   T12] usb 3-1: Using ep0 maxpacket: 16
20:59:12 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:12 executing program 1:
r0 = socket$qrtr(0x2a, 0x2, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup2(r1, r0)

20:59:12 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:12 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='htcp\x00', 0x5)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000003c0), 0x4)
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x2bcf)
shutdown(r0, 0x1)
recvmsg(r0, &(0x7f0000001440)={0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4096, 0xf99e}], 0x1, 0x0, 0xff96ce4aaaa47475, 0x7115}, 0x100)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$HIDIOCGREPORT(0xffffffffffffffff, 0x400c4807, &(0x7f0000000180)={0x0, 0x100, 0xff})

[  445.290069][   T23] usb 6-1: Using ep0 maxpacket: 8
20:59:12 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='htcp\x00', 0x5)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000003c0), 0x4)
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x2bcf)
shutdown(r0, 0x1)
recvmsg(r0, &(0x7f0000001440)={0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4096, 0xf99e}], 0x1, 0x0, 0xff96ce4aaaa47475, 0x7115}, 0x100)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$HIDIOCGREPORT(0xffffffffffffffff, 0x400c4807, &(0x7f0000000180)={0x0, 0x100, 0xff})

[  445.390232][   T12] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  445.410360][   T23] usb 6-1: config 0 has no interfaces?
[  445.416034][   T23] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  445.416728][   T12] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  445.459870][   T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.526230][   T23] usb 6-1: config 0 descriptor??
[  445.536239][   T12] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  445.575259][   T27] audit: type=1804 audit(1597265952.548:184): pid=14634 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/235/bus" dev="sda1" ino=16363 res=1 errno=0
[  445.674718][   T12] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  445.692216][   T27] audit: type=1804 audit(1597265952.588:185): pid=14634 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/235/bus" dev="sda1" ino=16363 res=1 errno=0
[  445.728235][   T12] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
20:59:12 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  445.822020][   T23] usb 6-1: USB disconnect, device number 126
20:59:12 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='htcp\x00', 0x5)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000003c0), 0x4)
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x2bcf)
shutdown(r0, 0x1)
recvmsg(r0, &(0x7f0000001440)={0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4096, 0xf99e}], 0x1, 0x0, 0xff96ce4aaaa47475, 0x7115}, 0x100)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$HIDIOCGREPORT(0xffffffffffffffff, 0x400c4807, &(0x7f0000000180)={0x0, 0x100, 0xff})

[  445.950391][   T12] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  445.959465][   T12] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.990033][   T12] usb 3-1: Product: syz
[  446.003462][   T12] usb 3-1: Manufacturer: syz
[  446.021669][   T12] usb 3-1: SerialNumber: syz
20:59:13 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, 0x0, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  446.042408][   T27] audit: type=1804 audit(1597265953.018:186): pid=14655 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/236/bus" dev="sda1" ino=16359 res=1 errno=0
[  446.112559][   T27] audit: type=1804 audit(1597265953.018:187): pid=14655 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/236/bus" dev="sda1" ino=16359 res=1 errno=0
[  446.274447][   T27] audit: type=1804 audit(1597265953.248:188): pid=14665 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/237/bus" dev="sda1" ino=16366 res=1 errno=0
[  446.304147][T14606] raw-gadget gadget: fail, usb_ep_enable returned -22
[  446.360334][   T27] audit: type=1804 audit(1597265953.298:189): pid=14665 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/237/bus" dev="sda1" ino=16366 res=1 errno=0
[  446.570075][   T12] cdc_ncm 3-1:1.0: bind() failure
[  446.597217][   T12] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  446.620291][   T12] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  446.628763][   T12] usb 3-1: USB disconnect, device number 62
20:59:14 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:59:14 executing program 1:
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x4d, 0x10, 0xc3, 0x10, 0x45ba, 0x92dc, 0x5ce, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xfe, 0x3, 0x0, 0x0, [], [{{0x9, 0x5, 0x5, 0x2}}, {{0x9, 0x5, 0x8f, 0x1e, 0x18}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000003900)={0xac, &(0x7f00000033c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='oom_adj\x00')
sendfile(r1, r2, 0x0, 0x7f85)

20:59:14 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

20:59:14 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, 0x0, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  447.166758][   T27] audit: type=1804 audit(1597265954.138:190): pid=14693 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/238/bus" dev="sda1" ino=16377 res=1 errno=0
[  447.225893][   T27] audit: type=1804 audit(1597265954.138:191): pid=14693 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/238/bus" dev="sda1" ino=16377 res=1 errno=0
[  447.359909][   T12] usb 6-1: new high-speed USB device number 127 using dummy_hcd
[  447.399939][ T8237] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  447.400009][ T2545] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  447.620063][   T12] usb 6-1: Using ep0 maxpacket: 8
[  447.639986][ T8237] usb 2-1: Using ep0 maxpacket: 16
[  447.679983][ T2545] usb 3-1: Using ep0 maxpacket: 16
[  447.740429][   T12] usb 6-1: config 0 has no interfaces?
[  447.746294][   T12] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  447.755785][   T12] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.760080][ T8237] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  447.771588][   T12] usb 6-1: config 0 descriptor??
[  447.780627][ T8237] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  447.795879][ T8237] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8F has invalid maxpacket 24
[  447.808454][ T8237] usb 2-1: New USB device found, idVendor=45ba, idProduct=92dc, bcdDevice= 5.ce
[  447.810115][ T2545] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  447.827442][ T8237] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.836556][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  447.848587][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  447.849485][ T8237] usb 2-1: config 0 descriptor??
[  447.880404][ T2545] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  447.891018][T14687] raw-gadget gadget: fail, usb_ep_enable returned -22
[  447.906140][ T2545] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  448.031180][ T8237] usb 6-1: USB disconnect, device number 127
[  448.110300][ T2545] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  448.119467][ T2545] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.127828][ T2545] usb 3-1: Product: syz
[  448.132547][ T2545] usb 3-1: Manufacturer: syz
[  448.137235][ T2545] usb 3-1: SerialNumber: syz
[  448.394067][T14688] raw-gadget gadget: fail, usb_ep_enable returned -22
20:59:15 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:15 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:15 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, 0x0, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:15 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0), 0x0, 0x0, 0x0, 0x0)

[  448.659990][ T2545] cdc_ncm 3-1:1.0: bind() failure
[  448.700192][ T2545] cdc_ncm: probe of 3-1:1.1 failed with error -71
20:59:15 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(0xffffffffffffffff)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  448.759966][ T2545] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  448.781719][ T2545] usb 3-1: USB disconnect, device number 63
20:59:15 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x0, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:16 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

[  449.129954][ T8236] usb 6-1: new high-speed USB device number 2 using dummy_hcd
20:59:16 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(0xffffffffffffffff)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:16 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(0xffffffffffffffff)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  449.399824][ T8236] usb 6-1: Using ep0 maxpacket: 8
[  449.540168][ T8236] usb 6-1: config 0 has no interfaces?
[  449.545702][ T8236] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  449.569284][ T8236] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.583874][ T8236] usb 6-1: config 0 descriptor??
[  449.596699][   T12] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  449.824905][   T17] usb 6-1: USB disconnect, device number 2
[  449.879802][   T12] usb 3-1: Using ep0 maxpacket: 16
20:59:17 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:17 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(0xffffffffffffffff)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  450.019858][   T12] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  450.030233][   T12] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  450.043726][   T12] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  450.054590][   T12] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
20:59:17 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  450.065341][   T12] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  450.085673][   T17] usb 2-1: USB disconnect, device number 19
[  450.208621][   T27] kauditd_printk_skb: 12 callbacks suppressed
[  450.208637][   T27] audit: type=1804 audit(1597265957.178:204): pid=14782 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/254/bus" dev="sda1" ino=16358 res=1 errno=0
[  450.260335][   T12] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  450.269799][   T12] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.270132][   T27] audit: type=1804 audit(1597265957.248:205): pid=14783 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/242/bus" dev="sda1" ino=16373 res=1 errno=0
[  450.279169][   T12] usb 3-1: Product: syz
[  450.310924][   T12] usb 3-1: Manufacturer: syz
[  450.332494][   T12] usb 3-1: SerialNumber: syz
[  450.346854][   T27] audit: type=1804 audit(1597265957.288:206): pid=14783 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/242/bus" dev="sda1" ino=16373 res=1 errno=0
[  450.445222][   T27] audit: type=1804 audit(1597265957.298:207): pid=14785 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/254/bus" dev="sda1" ino=16358 res=1 errno=0
[  450.643232][T14752] raw-gadget gadget: fail, usb_ep_enable returned -22
[  450.900105][   T12] cdc_ncm 3-1:1.0: bind() failure
[  450.930792][   T12] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  450.950031][   T12] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  450.960362][   T12] usb 3-1: USB disconnect, device number 64
20:59:18 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:18 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(0x0, 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:18 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0), 0x0, 0x0, 0x0, 0x0)

20:59:18 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0), 0x0, 0x0, 0x0, 0x0)

20:59:18 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:59:18 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:59:18 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(0x0, 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  451.889761][   T12] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  451.929786][ T2545] usb 3-1: new high-speed USB device number 65 using dummy_hcd
20:59:19 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(0x0, 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  451.969961][ T8130] usb 6-1: new high-speed USB device number 3 using dummy_hcd
20:59:19 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
dup(r3)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  452.159668][   T12] usb 2-1: Using ep0 maxpacket: 8
[  452.219720][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  452.220654][ T2545] usb 3-1: Using ep0 maxpacket: 16
[  452.297176][   T27] audit: type=1804 audit(1597265959.268:208): pid=14834 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/246/bus" dev="sda1" ino=16379 res=1 errno=0
[  452.303629][   T12] usb 2-1: config 0 has no interfaces?
[  452.345520][   T27] audit: type=1804 audit(1597265959.308:209): pid=14834 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/246/bus" dev="sda1" ino=16379 res=1 errno=0
[  452.359048][   T12] usb 2-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  452.378905][ T8130] usb 6-1: config 0 has no interfaces?
[  452.384678][ T8130] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  452.389898][ T2545] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  452.400625][ T8130] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.419391][ T8130] usb 6-1: config 0 descriptor??
20:59:19 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
dup(r3)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  452.456296][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  452.483704][   T12] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.492715][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  452.508456][ T2545] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  452.519779][   T12] usb 2-1: config 0 descriptor??
[  452.540014][ T2545] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  452.660530][   T27] audit: type=1804 audit(1597265959.638:210): pid=14843 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/247/bus" dev="sda1" ino=16379 res=1 errno=0
[  452.689847][ T8130] usb 6-1: USB disconnect, device number 3
[  452.730175][ T2545] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  452.732736][   T27] audit: type=1804 audit(1597265959.638:211): pid=14843 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/247/bus" dev="sda1" ino=16379 res=1 errno=0
[  452.775332][ T2545] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
20:59:19 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
dup(r3)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  452.810223][ T2545] usb 3-1: Product: syz
[  452.824400][   T17] usb 2-1: USB disconnect, device number 20
[  452.839697][ T2545] usb 3-1: Manufacturer: syz
[  452.849796][ T2545] usb 3-1: SerialNumber: syz
20:59:20 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  452.973007][   T27] audit: type=1804 audit(1597265959.948:212): pid=14858 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/248/bus" dev="sda1" ino=16379 res=1 errno=0
[  453.006480][   T27] audit: type=1804 audit(1597265959.978:213): pid=14858 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/248/bus" dev="sda1" ino=16379 res=1 errno=0
[  453.113570][T14811] raw-gadget gadget: fail, usb_ep_enable returned -22
[  453.379713][ T2545] cdc_ncm 3-1:1.0: bind() failure
[  453.405861][ T2545] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  453.430809][ T2545] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  453.439268][ T2545] usb 3-1: USB disconnect, device number 65
[  453.739660][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  453.748240][ T2545] Bluetooth: hci6: command tx timeout
20:59:21 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:21 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0), 0x0, 0x0, 0x0, 0x0)

20:59:21 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
dup(r3)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:21 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:59:21 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:21 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
dup(r3)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:22 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  455.069530][ T8130] usb 6-1: new high-speed USB device number 4 using dummy_hcd
20:59:22 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  455.119719][ T2545] usb 3-1: new high-speed USB device number 66 using dummy_hcd
20:59:22 executing program 3:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:59:22 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  455.267941][   T27] kauditd_printk_skb: 8 callbacks suppressed
[  455.267958][   T27] audit: type=1804 audit(1597265962.238:222): pid=14901 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/251/bus" dev="sda1" ino=16366 res=1 errno=0
[  455.319516][ T8130] usb 6-1: Using ep0 maxpacket: 8
[  455.366528][   T27] audit: type=1804 audit(1597265962.248:223): pid=14901 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/251/bus" dev="sda1" ino=16366 res=1 errno=0
[  455.390157][ T2545] usb 3-1: Using ep0 maxpacket: 16
[  455.407166][   T27] audit: type=1804 audit(1597265962.378:224): pid=14906 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/257/bus" dev="sda1" ino=16373 res=1 errno=0
[  455.440017][ T8130] usb 6-1: config 0 has no interfaces?
[  455.445625][ T8130] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  455.453600][   T27] audit: type=1804 audit(1597265962.388:225): pid=14906 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/257/bus" dev="sda1" ino=16373 res=1 errno=0
[  455.483395][ T8130] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.519751][ T8130] usb 6-1: config 0 descriptor??
[  455.522543][   T27] audit: type=1804 audit(1597265962.478:226): pid=14910 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/252/bus" dev="sda1" ino=16355 res=1 errno=0
20:59:22 executing program 1:
perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:22 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  455.569843][ T2545] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  455.589359][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  455.602595][ T2545] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  455.621800][   T27] audit: type=1804 audit(1597265962.478:227): pid=14910 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/252/bus" dev="sda1" ino=16355 res=1 errno=0
[  455.653124][ T2545] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  455.667673][ T2545] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  455.681516][ T7291] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  455.777590][ T8130] usb 6-1: USB disconnect, device number 4
[  455.786252][   T27] audit: type=1804 audit(1597265962.768:228): pid=14920 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/253/bus" dev="sda1" ino=16372 res=1 errno=0
[  455.867627][   T27] audit: type=1804 audit(1597265962.798:229): pid=14920 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/253/bus" dev="sda1" ino=16372 res=1 errno=0
[  455.919665][ T2545] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  455.932138][ T2545] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.946686][ T2545] usb 3-1: Product: syz
[  455.951605][ T7291] usb 4-1: Using ep0 maxpacket: 16
[  455.962662][ T2545] usb 3-1: Manufacturer: syz
[  455.967309][ T2545] usb 3-1: SerialNumber: syz
[  456.079857][ T7291] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  456.090906][ T7291] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  456.104563][ T7291] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  456.115153][ T7291] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  456.125963][ T7291] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  456.243349][T14889] raw-gadget gadget: fail, usb_ep_enable returned -22
[  456.339697][ T7291] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  456.348867][ T7291] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.358166][ T7291] usb 4-1: Product: syz
[  456.363406][ T7291] usb 4-1: Manufacturer: syz
[  456.368061][ T7291] usb 4-1: SerialNumber: syz
[  456.509521][ T2545] cdc_ncm 3-1:1.0: bind() failure
[  456.549766][ T2545] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  456.579599][ T2545] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  456.588108][ T2545] usb 3-1: USB disconnect, device number 66
[  456.627813][T14907] raw-gadget gadget: fail, usb_ep_enable returned -22
[  456.889513][ T7291] cdc_ncm 4-1:1.0: bind() failure
[  456.915402][ T7291] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  456.940017][ T7291] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  456.948474][ T7291] usb 4-1: USB disconnect, device number 9
20:59:24 executing program 5:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:59:24 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:24 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:24 executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

20:59:24 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:24 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  457.991281][   T27] audit: type=1804 audit(1597265964.968:230): pid=14972 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/109/bus" dev="sda1" ino=16359 res=1 errno=0
[  458.109498][ T8130] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  458.128209][   T27] audit: type=1804 audit(1597265964.968:231): pid=14971 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/254/bus" dev="sda1" ino=16355 res=1 errno=0
[  458.153320][ T8237] usb 3-1: new high-speed USB device number 67 using dummy_hcd
20:59:25 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(0x0, 0x0)

20:59:25 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  458.373315][ T8130] usb 6-1: Using ep0 maxpacket: 16
[  458.419499][ T8237] usb 3-1: Using ep0 maxpacket: 16
[  458.509658][ T8130] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  458.539675][ T8237] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  458.556062][ T8130] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  458.581636][ T8237] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  458.648725][ T8130] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  458.673981][ T8237] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
20:59:25 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  458.717730][ T8130] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  458.740531][ T8237] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  458.793549][ T8130] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
20:59:25 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  458.836858][ T8237] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  459.059931][ T8130] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  459.068999][ T8130] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.079542][ T8237] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  459.116067][ T8237] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.193503][ T8130] usb 6-1: Product: syz
[  459.197933][ T8237] usb 3-1: Product: syz
[  459.234403][ T8130] usb 6-1: Manufacturer: syz
[  459.240605][ T8237] usb 3-1: Manufacturer: syz
[  459.283859][ T8130] usb 6-1: SerialNumber: syz
[  459.292293][ T8237] usb 3-1: SerialNumber: syz
20:59:26 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(0x0, 0x0)

20:59:26 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  459.587989][T14961] raw-gadget gadget: fail, usb_ep_enable returned -22
[  459.599413][T14966] raw-gadget gadget: fail, usb_ep_enable returned -22
[  459.850163][ T8237] cdc_ncm 3-1:1.0: bind() failure
[  459.869418][ T8130] cdc_ncm 6-1:1.0: bind() failure
[  459.912556][ T8237] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  459.929873][ T8130] cdc_ncm: probe of 6-1:1.1 failed with error -71
[  460.003777][ T8237] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  460.010700][ T8130] cdc_mbim: probe of 6-1:1.1 failed with error -71
[  460.048519][ T8237] usb 3-1: USB disconnect, device number 67
[  460.067041][ T8130] usb 6-1: USB disconnect, device number 5
20:59:27 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef4200000001"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:59:27 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(0x0, 0x0)

20:59:27 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:27 executing program 2:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)

[  460.653396][   T27] kauditd_printk_skb: 15 callbacks suppressed
[  460.653411][   T27] audit: type=1804 audit(1597265967.628:247): pid=15044 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/261/bus" dev="sda1" ino=15891 res=1 errno=0
[  460.809239][ T8236] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  460.822679][   T27] audit: type=1804 audit(1597265967.698:248): pid=15045 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/113/bus" dev="sda1" ino=15907 res=1 errno=0
20:59:27 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:27 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(0x0, 0x0)

[  460.889326][ T7291] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  461.070343][   T27] audit: type=1804 audit(1597265967.828:249): pid=15047 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/113/bus" dev="sda1" ino=15907 res=1 errno=0
[  461.099502][ T8236] usb 3-1: Using ep0 maxpacket: 16
[  461.159980][ T7291] usb 6-1: Using ep0 maxpacket: 8
[  461.220265][ T8236] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  461.260005][ T8236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  461.330105][ T7291] usb 6-1: unable to read config index 0 descriptor/start: -61
[  461.337708][ T7291] usb 6-1: can't read configurations, error -61
[  461.356931][   T27] audit: type=1804 audit(1597265968.088:250): pid=15051 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/257/bus" dev="sda1" ino=15987 res=1 errno=0
[  461.400242][ T8236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  461.474657][ T8236] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  461.557872][ T8236] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  461.599297][ T7291] usb 6-1: new high-speed USB device number 7 using dummy_hcd
20:59:28 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(0x0, 0x0)

[  461.849935][ T7291] usb 6-1: Using ep0 maxpacket: 8
[  461.855331][ T8236] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  461.886042][ T8236] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.965892][ T8236] usb 3-1: Product: syz
[  461.988900][ T8236] usb 3-1: Manufacturer: syz
[  462.013221][ T8236] usb 3-1: SerialNumber: syz
[  462.039467][ T7291] usb 6-1: unable to read config index 0 descriptor/start: -61
[  462.063434][ T7291] usb 6-1: can't read configurations, error -61
[  462.113909][ T7291] usb usb6-port1: attempt power cycle
20:59:29 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  462.349446][ T8236] cdc_ncm 3-1:1.0: bind() failure
[  462.382362][ T8236] cdc_ncm 3-1:1.1: bind() failure
[  462.438077][ T8236] usb 3-1: USB disconnect, device number 68
20:59:29 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  462.518028][   T27] audit: type=1804 audit(1597265969.489:251): pid=15068 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/258/bus" dev="sda1" ino=16066 res=1 errno=0
[  462.640675][   T27] audit: type=1804 audit(1597265969.599:252): pid=15077 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/114/bus" dev="sda1" ino=15875 res=1 errno=0
[  462.717218][   T27] audit: type=1804 audit(1597265969.669:253): pid=15078 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/114/bus" dev="sda1" ino=15875 res=1 errno=0
20:59:29 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(0x0, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:29 executing program 2:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)

[  462.859212][ T7291] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  462.893587][   T27] audit: type=1804 audit(1597265969.869:254): pid=15081 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/262/bus" dev="sda1" ino=15891 res=1 errno=0
[  462.965834][ T7291] usb 6-1: Using ep0 maxpacket: 8
[  463.011394][   T27] audit: type=1804 audit(1597265969.989:255): pid=15086 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/262/bus" dev="sda1" ino=15891 res=1 errno=0
20:59:30 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(0x0, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  463.143068][   T27] audit: type=1804 audit(1597265970.119:256): pid=15089 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/115/bus" dev="sda1" ino=16083 res=1 errno=0
[  463.168417][ T7291] usb 6-1: unable to read config index 0 descriptor/start: -61
[  463.184585][ T7291] usb 6-1: can't read configurations, error -61
[  463.249613][ T8130] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[  463.369104][ T7291] usb 6-1: new high-speed USB device number 9 using dummy_hcd
20:59:30 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:30 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef4200000001"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:59:30 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:30 executing program 0:
r0 = open(0x0, 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  463.489237][ T8130] usb 3-1: Using ep0 maxpacket: 16
[  463.489388][ T7291] usb 6-1: Using ep0 maxpacket: 8
[  463.599310][ T7291] usb 6-1: device descriptor read/all, error -71
[  463.606390][ T7291] usb usb6-port1: unable to enumerate USB device
[  463.632541][ T8130] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  463.656683][ T8130] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  463.679972][ T8130] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  463.695840][ T8130] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  463.726058][ T8130] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  463.986296][ T8130] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  464.017487][ T8130] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.089268][ T7291] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  464.102422][ T8130] usb 3-1: Product: syz
[  464.128774][ T8130] usb 3-1: Manufacturer: syz
[  464.156277][ T8130] usb 3-1: SerialNumber: syz
[  464.359174][ T7291] usb 6-1: Using ep0 maxpacket: 8
[  464.469170][ T8130] cdc_ncm 3-1:1.0: bind() failure
[  464.494493][ T8130] cdc_ncm 3-1:1.1: bind() failure
[  464.549749][ T7291] usb 6-1: unable to read config index 0 descriptor/start: -61
[  464.557381][ T7291] usb 6-1: can't read configurations, error -61
[  464.568819][ T8130] usb 3-1: USB disconnect, device number 69
20:59:31 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:31 executing program 1:
r0 = open(0x0, 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  464.782054][ T7291] usb 6-1: new high-speed USB device number 11 using dummy_hcd
20:59:31 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
pipe(&(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x78}}, 0x0)

20:59:31 executing program 3:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:31 executing program 2:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d00000905820287"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)

[  465.059492][ T7291] usb 6-1: Using ep0 maxpacket: 8
[  465.249388][ T7291] usb 6-1: unable to read config index 0 descriptor/start: -61
[  465.267331][ T7291] usb 6-1: can't read configurations, error -61
20:59:32 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

[  465.306823][ T7291] usb usb6-port1: attempt power cycle
20:59:32 executing program 0:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  465.409285][ T8808] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  465.669167][ T8808] usb 3-1: Using ep0 maxpacket: 16
20:59:32 executing program 1:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  465.728820][   T27] kauditd_printk_skb: 13 callbacks suppressed
[  465.728836][   T27] audit: type=1804 audit(1597265972.699:270): pid=15149 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/263/bus" dev="sda1" ino=16258 res=1 errno=0
[  465.789401][ T8808] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  465.829639][ T8808] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
20:59:32 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  465.860840][   T27] audit: type=1804 audit(1597265972.839:271): pid=15150 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/263/bus" dev="sda1" ino=16258 res=1 errno=0
[  465.880198][ T8808] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  465.943750][ T8808] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  466.016766][ T8808] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  466.069118][ T7291] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  466.103731][   T27] audit: type=1804 audit(1597265973.079:272): pid=15152 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/265/bus" dev="sda1" ino=15859 res=1 errno=0
[  466.206919][   T27] audit: type=1804 audit(1597265973.179:273): pid=15155 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/118/bus" dev="sda1" ino=16291 res=1 errno=0
[  466.249117][ T7291] usb 6-1: Using ep0 maxpacket: 8
[  466.269241][ T8808] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  466.312997][ T8808] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  466.372977][ T8808] usb 3-1: Product: syz
[  466.390881][ T8808] usb 3-1: Manufacturer: syz
[  466.405841][   T27] audit: type=1804 audit(1597265973.239:274): pid=15157 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/118/bus" dev="sda1" ino=16291 res=1 errno=0
[  466.410505][ T8808] usb 3-1: SerialNumber: syz
[  466.449234][ T7291] usb 6-1: unable to read config index 0 descriptor/start: -61
[  466.455872][   T27] audit: type=1804 audit(1597265973.259:275): pid=15156 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/265/bus" dev="sda1" ino=15859 res=1 errno=0
[  466.457028][ T7291] usb 6-1: can't read configurations, error -61
20:59:33 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef4200000001"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:59:33 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:33 executing program 3:
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfff, 0x800}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}}, 0x0)

[  466.758999][ T8808] cdc_ncm 3-1:1.0: bind() failure
[  466.780215][ T8808] cdc_ncm 3-1:1.1: bind() failure
[  466.857950][ T8808] usb 3-1: USB disconnect, device number 70
[  466.906032][   T27] audit: type=1804 audit(1597265973.879:276): pid=15181 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/264/bus" dev="sda1" ino=16145 res=1 errno=0
[  466.973637][   T27] audit: type=1804 audit(1597265973.949:277): pid=15187 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/264/bus" dev="sda1" ino=16145 res=1 errno=0
[  467.268958][ T7291] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  467.389552][ T7291] usb 6-1: Using ep0 maxpacket: 8
[  467.579195][ T7291] usb 6-1: unable to read config index 0 descriptor/start: -61
[  467.586779][ T7291] usb 6-1: can't read configurations, error -61
[  467.593317][ T7291] usb usb6-port1: unable to enumerate USB device
20:59:34 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:34 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:34 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:34 executing program 0:
open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:34 executing program 2:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200))
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  467.996657][   T27] audit: type=1804 audit(1597265974.969:278): pid=15193 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/265/bus" dev="sda1" ino=16225 res=1 errno=0
[  468.051400][   T27] audit: type=1804 audit(1597265975.019:279): pid=15201 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/266/bus" dev="sda1" ino=16379 res=1 errno=0
20:59:35 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(0xffffffffffffffff)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:35 executing program 2:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(0xffffffffffffffff)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:35 executing program 0:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200))
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:35 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(0xffffffffffffffff)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:36 executing program 5:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:36 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(0xffffffffffffffff)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:36 executing program 2:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:37 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:37 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:37 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:37 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:37 executing program 2:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:38 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:38 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  471.270492][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  471.270507][   T27] audit: type=1804 audit(1597265978.239:294): pid=15247 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/268/bus" dev="sda1" ino=16209 res=1 errno=0
20:59:38 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  471.666529][   T27] audit: type=1804 audit(1597265978.319:295): pid=15250 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/268/bus" dev="sda1" ino=16380 res=1 errno=0
20:59:38 executing program 5:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:38 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  471.948786][   T27] audit: type=1804 audit(1597265978.389:296): pid=15250 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/268/bus" dev="sda1" ino=16380 res=1 errno=0
[  472.203590][   T27] audit: type=1804 audit(1597265978.389:297): pid=15253 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/268/bus" dev="sda1" ino=16209 res=1 errno=0
[  472.448880][   T27] audit: type=1804 audit(1597265978.719:298): pid=15259 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir977606918/syzkaller.7QGhxZ/154/bus" dev="sda1" ino=16379 res=1 errno=0
[  472.671077][   T27] audit: type=1804 audit(1597265978.889:299): pid=15263 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir977606918/syzkaller.7QGhxZ/154/bus" dev="sda1" ino=16379 res=1 errno=0
20:59:39 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:39 executing program 0:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  472.864510][   T27] audit: type=1804 audit(1597265979.079:300): pid=15261 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/123/bus" dev="sda1" ino=16129 res=1 errno=0
[  473.030229][   T27] audit: type=1804 audit(1597265979.249:301): pid=15271 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/123/bus" dev="sda1" ino=16129 res=1 errno=0
20:59:40 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  473.228978][   T27] audit: type=1804 audit(1597265979.299:302): pid=15269 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir564795758/syzkaller.F1CQcA/105/bus" dev="sda1" ino=15896 res=1 errno=0
20:59:40 executing program 5:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:40 executing program 2:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  473.410897][   T27] audit: type=1804 audit(1597265979.389:303): pid=15269 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir564795758/syzkaller.F1CQcA/105/bus" dev="sda1" ino=15896 res=1 errno=0
20:59:40 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:41 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:41 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:42 executing program 0:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:42 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:59:42 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  475.531282][   T21] Bluetooth: hci6: Frame reassembly failed (-84)
20:59:42 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:42 executing program 0:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:42 executing program 3:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:42 executing program 2:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

20:59:43 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  476.450358][   T27] kauditd_printk_skb: 12 callbacks suppressed
[  476.450374][   T27] audit: type=1804 audit(1597265983.419:316): pid=15337 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir977606918/syzkaller.7QGhxZ/156/bus" dev="sda1" ino=16372 res=1 errno=0
20:59:43 executing program 0:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  476.657949][   T27] audit: type=1804 audit(1597265983.479:317): pid=15337 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir977606918/syzkaller.7QGhxZ/156/bus" dev="sda1" ino=16372 res=1 errno=0
[  476.836924][   T27] audit: type=1804 audit(1597265983.539:318): pid=15335 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/125/bus" dev="sda1" ino=16371 res=1 errno=0
20:59:44 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8000fffffffe)
creat(&(0x7f0000000100)='./bus\x00', 0x0)

[  476.997286][   T27] audit: type=1804 audit(1597265983.579:319): pid=15335 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir504438119/syzkaller.d3nXn7/125/bus" dev="sda1" ino=16371 res=1 errno=0
20:59:44 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:44 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:44 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  477.568433][ T7291] Bluetooth: hci6: command 0x1003 tx timeout
[  477.576036][ T6858] Bluetooth: hci6: sending frame failed (-49)
[  477.844612][   T27] audit: type=1804 audit(1597265984.819:320): pid=15363 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/274/bus" dev="sda1" ino=16377 res=1 errno=0
[  479.658323][   T12] Bluetooth: hci6: command 0x1001 tx timeout
[  479.665092][ T6858] Bluetooth: hci6: sending frame failed (-49)
[  481.738230][   T12] Bluetooth: hci6: command 0x1009 tx timeout
20:59:52 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

20:59:52 executing program 2:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

20:59:52 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:52 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

20:59:52 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:59:52 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  486.053585][   T21] Bluetooth: hci6: Frame reassembly failed (-84)
[  486.223168][   T27] audit: type=1804 audit(1597265993.190:321): pid=15390 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/272/bus" dev="sda1" ino=16358 res=1 errno=0
[  486.248356][   T12] usb 4-1: new high-speed USB device number 10 using dummy_hcd
20:59:53 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  486.456902][   T27] audit: type=1804 audit(1597265993.240:322): pid=15392 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir977606918/syzkaller.7QGhxZ/157/bus" dev="sda1" ino=16359 res=1 errno=0
[  486.528115][   T12] usb 4-1: Using ep0 maxpacket: 8
[  486.658207][   T12] usb 4-1: config 0 has no interfaces?
[  486.664219][   T12] usb 4-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  486.717574][   T27] audit: type=1804 audit(1597265993.270:323): pid=15391 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/275/bus" dev="sda1" ino=16363 res=1 errno=0
[  486.831878][   T12] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.918765][   T12] usb 4-1: config 0 descriptor??
[  487.299748][   T12] usb 4-1: USB disconnect, device number 10
20:59:54 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

20:59:54 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

20:59:54 executing program 3:
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004d10c310ba45dc92ce050000000109026ae6c9a10000000904080002fe03000009050502090000000009058f"], 0x0)

[  488.127993][ T8808] Bluetooth: hci6: command 0x1003 tx timeout
[  488.134326][ T6858] Bluetooth: hci6: sending frame failed (-49)
20:59:55 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

20:59:55 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  488.463781][   T12] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  488.558079][ T8808] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  488.716590][   T27] audit: type=1804 audit(1597265995.690:324): pid=15426 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/276/bus" dev="sda1" ino=16369 res=1 errno=0
[  488.748180][   T12] usb 4-1: Using ep0 maxpacket: 16
[  488.798022][ T8808] usb 2-1: Using ep0 maxpacket: 8
[  488.888242][   T12] usb 4-1: config index 0 descriptor too short (expected 58986, got 36)
[  488.896615][   T12] usb 4-1: config 161 has too many interfaces: 201, using maximum allowed: 32
[  488.918607][ T8808] usb 2-1: config 0 has no interfaces?
[  488.919932][   T12] usb 4-1: config 161 has 1 interface, different from the descriptor's value: 201
[  488.924199][ T8808] usb 2-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  488.942199][   T12] usb 4-1: config 161 has no interface number 0
[  488.950572][   T12] usb 4-1: config 161 interface 8 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 9
[  488.961936][   T12] usb 4-1: config 161 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  488.973748][   T12] usb 4-1: New USB device found, idVendor=45ba, idProduct=92dc, bcdDevice= 5.ce
[  488.985582][   T12] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.018334][T15412] raw-gadget gadget: fail, usb_ep_enable returned -22
[  489.045448][ T8808] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.094808][ T8808] usb 2-1: config 0 descriptor??
[  489.324307][   T12] usb 4-1: USB disconnect, device number 11
[  489.485085][ T8236] usb 2-1: USB disconnect, device number 21
[  490.207913][ T8808] Bluetooth: hci6: command 0x1001 tx timeout
[  490.214885][ T6858] Bluetooth: hci6: sending frame failed (-49)
[  492.287744][ T8130] Bluetooth: hci6: command 0x1009 tx timeout
21:00:03 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:03 executing program 2:
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004d10c310ba45dc92ce050000000109026ae6c9a10000000904080002fe03000009050502090000000009058f1e1800"], 0x0)

21:00:03 executing program 1:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202870000000009050307a502000000"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup(r1)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

21:00:03 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

21:00:03 executing program 3:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:03 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8000fffffffe)

21:00:03 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  496.959901][  T198] Bluetooth: hci6: Frame reassembly failed (-84)
21:00:04 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  497.057931][ T7291] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  497.078731][   T12] usb 2-1: new high-speed USB device number 22 using dummy_hcd
21:00:04 executing program 3:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:04 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  497.337566][   T12] usb 2-1: Using ep0 maxpacket: 16
[  497.371552][ T7291] usb 3-1: Using ep0 maxpacket: 16
21:00:04 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  497.458677][   T12] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  497.498910][   T12] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  497.509254][ T7291] usb 3-1: config index 0 descriptor too short (expected 58986, got 36)
[  497.526986][ T7291] usb 3-1: config 161 has too many interfaces: 201, using maximum allowed: 32
[  497.543810][   T12] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 135
[  497.556329][ T7291] usb 3-1: config 161 has 1 interface, different from the descriptor's value: 201
[  497.591088][   T12] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  497.609115][ T7291] usb 3-1: config 161 has no interface number 0
21:00:04 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140))
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  497.651300][ T7291] usb 3-1: config 161 interface 8 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 9
[  497.705936][ T7291] usb 3-1: config 161 interface 8 altsetting 0 bulk endpoint 0x8F has invalid maxpacket 24
[  497.740864][ T7291] usb 3-1: New USB device found, idVendor=45ba, idProduct=92dc, bcdDevice= 5.ce
[  497.810000][ T7291] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.857972][T15456] raw-gadget gadget: fail, usb_ep_enable returned -22
[  497.864899][T15456] raw-gadget gadget: fail, usb_ep_enable returned -22
[  497.876267][   T12] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  497.889980][   T12] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.900539][   T12] usb 2-1: Product: syz
[  497.904953][   T12] usb 2-1: Manufacturer: syz
[  497.911012][   T12] usb 2-1: SerialNumber: syz
[  498.149769][ T8237] usb 3-1: USB disconnect, device number 71
[  498.200370][T15457] raw-gadget gadget: fail, usb_ep_enable returned -22
[  498.467531][   T12] cdc_ncm 2-1:1.0: bind() failure
[  498.497549][   T12] cdc_ncm: probe of 2-1:1.1 failed with error -71
[  498.527509][   T12] cdc_mbim: probe of 2-1:1.1 failed with error -71
[  498.536305][   T12] usb 2-1: USB disconnect, device number 22
[  499.007408][ T8237] Bluetooth: hci6: command 0x1003 tx timeout
[  499.013493][ T6858] Bluetooth: hci6: sending frame failed (-49)
[  501.087376][ T8808] Bluetooth: hci6: command 0x1001 tx timeout
[  501.094663][ T6858] Bluetooth: hci6: sending frame failed (-49)
[  503.167189][T10323] Bluetooth: hci6: command 0x1009 tx timeout
21:00:14 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)

21:00:14 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8000fffffffe)

21:00:14 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140))
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

21:00:14 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:14 executing program 2:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)

21:00:14 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)

[  507.768877][  T198] Bluetooth: hci6: Frame reassembly failed (-84)
[  507.775585][    C0] sd 0:0:1:0: [sg0] tag#6989 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  507.786089][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB: Test Unit Ready
[  507.792561][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.802155][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.811762][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.821368][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.830961][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.840557][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.850164][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.859754][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.869347][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.878939][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.888539][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.898139][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  507.907735][    C0] sd 0:0:1:0: [sg0] tag#6989 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:14 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140))
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

21:00:15 executing program 2:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

[  508.414814][    C1] sd 0:0:1:0: [sg0] tag#6978 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  508.425303][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB: Test Unit Ready
[  508.431799][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.441418][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.451031][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:15 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, 0x0, 0x0, 0x0)

[  508.460654][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.470255][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.479860][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.489465][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.499077][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.505442][    C0] sd 0:0:1:0: [sg0] tag#6997 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  508.508660][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.519010][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB: Test Unit Ready
[  508.528530][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.528550][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.534960][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.544486][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.554034][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.563563][    C1] sd 0:0:1:0: [sg0] tag#6978 CDB[c0]: 00 00 00 00 00 00 00 00
[  508.573108][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.599704][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.609296][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.618886][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.628471][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.638057][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.647644][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:15 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

21:00:15 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, 0x0, 0x0, 0x0)

[  508.657231][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.666820][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.676392][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.689379][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:15 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)

[  508.883709][    C0] sd 0:0:1:0: [sg0] tag#6980 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  508.894172][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB: Test Unit Ready
[  508.900654][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.910241][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.919826][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.929411][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.938999][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.948586][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.958167][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.967748][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.977335][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.986915][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.996611][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  508.999970][    C1] sd 0:0:1:0: [sg0] tag#6981 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  509.006148][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.016517][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB: Test Unit Ready
[  509.026000][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[c0]: 00 00 00 00 00 00 00 00
[  509.040018][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.049643][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.059299][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.068935][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.078571][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.088206][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.097853][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.107496][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.117150][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:16 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef42000000010902"], 0x0)
sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0)

[  509.126793][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.136386][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.146038][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  509.155677][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:16 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8000fffffffe)

21:00:16 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, 0x0, 0x0, 0x0)

[  509.557645][ T8237] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  509.806444][   T12] Bluetooth: hci6: command 0xfc11 tx timeout
[  509.806527][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  509.820124][ T8237] usb 3-1: Using ep0 maxpacket: 8
[  509.936717][ T8237] usb 3-1: config 0 has no interfaces?
[  509.942304][ T8237] usb 3-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  509.956273][ T8237] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.975832][ T8237] usb 3-1: config 0 descriptor??
[  510.229038][   T12] usb 3-1: USB disconnect, device number 72
21:00:17 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:17 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)

21:00:17 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x5, 0x0, 0x0)

21:00:17 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000), 0x0, 0x0)

21:00:17 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)

21:00:17 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000), 0x0, 0x0)

[  510.480222][    C1] sd 0:0:1:0: [sg0] tag#6981 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  510.490678][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB: Test Unit Ready
[  510.497180][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.506789][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.516379][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.523290][    C0] sd 0:0:1:0: [sg0] tag#6982 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  510.525949][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.525966][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.525982][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.536330][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB: Test Unit Ready
[  510.545847][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.545868][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.555412][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.564953][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.564971][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.564987][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.565003][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.565018][    C1] sd 0:0:1:0: [sg0] tag#6981 CDB[c0]: 00 00 00 00 00 00 00 00
[  510.571443][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.655252][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.664832][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.674414][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.683990][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.693567][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.703141][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.712720][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.722299][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.731875][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.741456][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  510.751045][    C0] sd 0:0:1:0: [sg0] tag#6982 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:17 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x5, 0x0, 0x0)

[  510.849464][   T27] audit: type=1804 audit(1597266017.831:325): pid=15626 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/280/bus" dev="sda1" ino=16374 res=1 errno=0
21:00:17 executing program 2:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, 0x0, 0x0, 0x0)

21:00:18 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)

21:00:18 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:18 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)

21:00:18 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000), 0x0, 0x0)

[  511.422419][    C0] sd 0:0:1:0: [sg0] tag#7039 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  511.433330][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB: Test Unit Ready
[  511.439807][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.449388][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.458968][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.468544][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.478117][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.487692][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.497309][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.506902][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.516478][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.526025][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.535600][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.545179][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.554753][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[c0]: 00 00 00 00 00 00 00 00
[  511.562371][    C0] sd 0:0:1:0: [sg0] tag#7037 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  511.572765][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB: Test Unit Ready
[  511.579215][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.588793][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.598375][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.607947][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.617530][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.627129][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.636708][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.646632][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.656205][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.665754][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.675333][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.684913][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  511.694486][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[c0]: 00 00 00 00 00 00 00 00
[  511.763886][   T27] audit: type=1804 audit(1597266018.741:326): pid=15655 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/281/bus" dev="sda1" ino=16273 res=1 errno=0
[  512.606161][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:20 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:20 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x5, 0x0, 0x0)

21:00:20 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

21:00:20 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

21:00:20 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe)

[  513.264121][    C1] sd 0:0:1:0: [sg0] tag#6990 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  513.274576][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB: Test Unit Ready
[  513.281061][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.290672][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.300272][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:20 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

[  513.309883][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.319607][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.329210][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.338959][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.348559][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.358153][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.367748][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.377365][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.379216][    C0] sd 0:0:1:0: [sg0] tag#6992 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  513.386948][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.386966][    C1] sd 0:0:1:0: [sg0] tag#6990 CDB[c0]: 00 00 00 00 00 00 00 00
[  513.414355][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB: Test Unit Ready
[  513.420823][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.430413][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.440002][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.449589][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.459172][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.468766][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.478361][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.487968][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.497643][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.507230][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.516826][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.526427][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  513.536021][    C0] sd 0:0:1:0: [sg0] tag#6992 CDB[c0]: 00 00 00 00 00 00 00 00
[  513.559432][   T27] audit: type=1804 audit(1597266020.542:327): pid=15686 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/282/bus" dev="sda1" ino=16358 res=1 errno=0
[  513.646136][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:00:20 executing program 1:
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004d10c310ba45dc92ce050000000109026ae6c9a10000000904080002fe03000009050502090000000009058f1e1800000000"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000100)={0xac, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

21:00:20 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

21:00:20 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

[  514.106072][    C1] sd 0:0:1:0: [sg0] tag#7008 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  514.116578][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB: Test Unit Ready
[  514.123005][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.132632][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.142221][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.151825][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.161424][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.171017][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.180607][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.190188][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:21 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:21 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:00:21 executing program 4:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

[  514.199778][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.209367][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.218974][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.228570][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  514.238177][    C1] sd 0:0:1:0: [sg0] tag#7008 CDB[c0]: 00 00 00 00 00 00 00 00
[  514.285826][   T12] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  514.410152][   T27] audit: type=1804 audit(1597266021.392:328): pid=15721 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/283/bus" dev="sda1" ino=15953 res=1 errno=0
[  514.565876][   T12] usb 2-1: Using ep0 maxpacket: 16
[  514.697787][   T12] usb 2-1: config index 0 descriptor too short (expected 58986, got 36)
[  514.710775][   T12] usb 2-1: config 161 has too many interfaces: 201, using maximum allowed: 32
[  514.725068][   T12] usb 2-1: config 161 has 1 interface, different from the descriptor's value: 201
[  514.735527][   T12] usb 2-1: config 161 has no interface number 0
[  514.742166][   T12] usb 2-1: config 161 interface 8 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 9
[  514.752413][   T12] usb 2-1: config 161 interface 8 altsetting 0 bulk endpoint 0x8F has invalid maxpacket 24
[  514.762802][   T12] usb 2-1: New USB device found, idVendor=45ba, idProduct=92dc, bcdDevice= 5.ce
[  514.772321][   T12] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.796855][T15707] raw-gadget gadget: fail, usb_ep_enable returned -22
[  514.803791][T15707] raw-gadget gadget: fail, usb_ep_enable returned -22
[  515.406234][ T8130] Bluetooth: hci6: command 0xfc11 tx timeout
[  515.412372][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:22 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

21:00:22 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

21:00:22 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

21:00:22 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  516.049026][    C1] sd 0:0:1:0: [sg0] tag#7014 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  516.059493][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB: Test Unit Ready
[  516.065990][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.075581][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.083976][    C0] sd 0:0:1:0: [sg0] tag#7016 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  516.085116][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.085134][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.085155][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.095539][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB: Test Unit Ready
[  516.095555][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.095571][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.105086][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.114625][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.124160][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.130599][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.140110][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.149646][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.159188][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.168715][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.178278][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.187829][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.197392][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.206943][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.216479][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.226018][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.235556][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[c0]: 00 00 00 00 00 00 00 00
[  516.245089][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.300453][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.310037][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.319619][    C0] sd 0:0:1:0: [sg0] tag#7016 CDB[c0]: 00 00 00 00 00 00 00 00
[  516.336328][   T27] audit: type=1804 audit(1597266023.312:329): pid=15751 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/284/bus" dev="sda1" ino=16367 res=1 errno=0
21:00:23 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

[  516.456278][   T23] Bluetooth: hci7: command 0xfc11 tx timeout
[  516.462396][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:00:23 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

[  516.873015][    C0] sd 0:0:1:0: [sg0] tag#7028 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  516.883458][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB: Test Unit Ready
[  516.889952][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.899542][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.907101][   T23] usb 2-1: USB disconnect, device number 23
[  516.909119][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.909141][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.934147][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.943723][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.953303][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.962883][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.972462][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.982060][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  516.991677][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.001254][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.010836][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[c0]: 00 00 00 00 00 00 00 00
[  517.018405][    C0] sd 0:0:1:0: [sg0] tag#7030 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  517.028784][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB: Test Unit Ready
[  517.035210][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.044790][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.054372][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.063953][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:23 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

21:00:23 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

21:00:24 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:00:24 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  517.073537][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.083133][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.092717][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.102304][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.111890][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.121474][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.131053][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.140668][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.150257][    C0] sd 0:0:1:0: [sg0] tag#7030 CDB[c0]: 00 00 00 00 00 00 00 00
[  517.237449][  T354] Bluetooth: hci7: Frame reassembly failed (-84)
21:00:24 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

[  517.291988][   T27] audit: type=1804 audit(1597266024.272:330): pid=15786 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/285/bus" dev="sda1" ino=16355 res=1 errno=0
[  517.309784][    C0] sd 0:0:1:0: [sg0] tag#6991 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  517.326082][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB: Test Unit Ready
[  517.332529][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.342155][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.351762][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.361373][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.370979][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.380582][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.382594][    C1] sd 0:0:1:0: [sg0] tag#7005 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  517.390202][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.390220][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.390236][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.390252][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.400595][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB: Test Unit Ready
[  517.410128][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.419798][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.429339][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.429355][    C0] sd 0:0:1:0: [sg0] tag#6991 CDB[c0]: 00 00 00 00 00 00 00 00
[  517.438891][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.491004][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.500606][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.510230][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.519834][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.529429][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:24 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

[  517.539026][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.548649][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.558251][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.567861][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.577453][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.587047][    C1] sd 0:0:1:0: [sg0] tag#7005 CDB[c0]: 00 00 00 00 00 00 00 00
[  517.774976][    C0] sd 0:0:1:0: [sg0] tag#7008 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  517.785446][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB: Test Unit Ready
[  517.791876][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.801488][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.811079][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.820692][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.830297][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.839912][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.849520][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.859132][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.868749][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.878363][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.887970][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.897580][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  517.907191][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[c0]: 00 00 00 00 00 00 00 00
[  518.045732][   T12] Bluetooth: hci6: command 0xfc11 tx timeout
[  518.046229][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:25 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

21:00:25 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

21:00:25 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)

21:00:25 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  518.303210][    C1] scsi_io_completion_action: 1 callbacks suppressed
[  518.303292][    C1] sd 0:0:1:0: [sg0] tag#6996 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  518.315659][    C0] sd 0:0:1:0: [sg0] tag#6997 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  518.320363][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB: Test Unit Ready
[  518.330710][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB: Test Unit Ready
[  518.337133][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.343534][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.353107][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.362667][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.372281][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.381820][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.391350][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.400887][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.410421][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.419959][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.429511][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.439049][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.448599][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.458135][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.467675][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.477207][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.486740][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.496279][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.505811][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.505828][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.515362][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.524872][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:25 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

[  518.534431][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.543961][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[c0]: 00 00 00 00 00 00 00 00
[  518.553527][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  518.580139][    C0] sd 0:0:1:0: [sg0] tag#6997 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:25 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

21:00:25 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  518.695164][   T27] audit: type=1804 audit(1597266025.672:331): pid=15830 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/286/bus" dev="sda1" ino=16371 res=1 errno=0
[  518.821083][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
21:00:25 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)

21:00:26 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  519.248972][    C1] sd 0:0:1:0: [sg0] tag#7000 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  519.259516][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB: Test Unit Ready
[  519.266004][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.275592][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.285186][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.294742][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.304336][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.313932][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.323521][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.333114][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.342705][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.352300][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.361887][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.371481][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.381069][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[c0]: 00 00 00 00 00 00 00 00
[  519.388652][    C1] sd 0:0:1:0: [sg0] tag#7001 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  519.399033][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB: Test Unit Ready
[  519.405492][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.415040][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.424629][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.434213][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.443799][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.453390][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.462972][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.472560][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.482147][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.491734][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.501323][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.510905][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.520487][    C1] sd 0:0:1:0: [sg0] tag#7001 CDB[c0]: 00 00 00 00 00 00 00 00
[  519.528073][    C1] sd 0:0:1:0: [sg0] tag#7002 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  519.538451][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB: Test Unit Ready
[  519.544883][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.554471][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.564056][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.573638][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.575870][   T12] Bluetooth: hci7: command 0xfc11 tx timeout
[  519.583204][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.595759][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[  519.598724][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.598743][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.598762][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.634827][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.644424][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.654023][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.663633][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.673233][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[c0]: 00 00 00 00 00 00 00 00
[  519.680831][    C1] sd 0:0:1:0: [sg0] tag#7003 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  519.691233][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB: Test Unit Ready
[  519.697710][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.707302][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.716897][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.727012][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.736611][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.746206][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.755825][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.765426][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.774974][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.784571][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.794178][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.803774][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  519.813376][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:27 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)

21:00:27 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

21:00:27 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:27 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)

21:00:27 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  520.249079][    C0] sd 0:0:1:0: [sg0] tag#7014 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  520.259552][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB: Test Unit Ready
[  520.266062][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.275666][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.285356][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.294951][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.304548][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.314162][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.323765][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.333486][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.343099][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.344260][   T27] audit: type=1804 audit(1597266027.333:332): pid=15868 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/287/bus" dev="sda1" ino=16359 res=1 errno=0
[  520.352689][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.352708][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.352724][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.352738][    C0] sd 0:0:1:0: [sg0] tag#7014 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:27 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)

21:00:27 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:27 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)

[  520.819018][    C0] sd 0:0:1:0: [sg0] tag#6977 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  520.829508][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB: Test Unit Ready
[  520.836015][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.845619][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.855209][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.855505][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  520.864747][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.864766][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.864784][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.864801][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:27 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:27 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)

[  520.864824][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.864842][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.933664][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.943264][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.952863][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  520.962457][    C0] sd 0:0:1:0: [sg0] tag#6977 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:28 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:28 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:00:28 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)

21:00:28 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)

[  521.469032][    C0] sd 0:0:1:0: [sg0] tag#7029 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  521.479502][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB: Test Unit Ready
[  521.486008][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.495612][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.505206][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.514761][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.524357][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.533953][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.543552][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.553146][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.562745][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.572344][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.581938][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.591539][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  521.601131][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:28 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f00000003c0)=0x5, 0x4)

[  521.619561][   T27] audit: type=1804 audit(1597266028.603:333): pid=15907 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/288/bus" dev="sda1" ino=16380 res=1 errno=0
21:00:28 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:28 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)

[  522.019695][    C0] sd 0:0:1:0: [sg0] tag#6983 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  522.030117][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB: Test Unit Ready
[  522.036621][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.046216][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.055812][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.065413][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.075015][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.084576][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.094181][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.103783][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.113388][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.122994][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.132590][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.142190][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  522.151791][    C0] sd 0:0:1:0: [sg0] tag#6983 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:29 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r3)

21:00:29 executing program 1:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/packet\x00')
poll(0x0, 0x0, 0x204)
syz_genetlink_get_family_id$ipvs(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)

21:00:29 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  522.764810][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[  522.773155][   T12] Bluetooth: hci7: command tx timeout
[  522.890760][T15657] Bluetooth: hci7: sending frame failed (-49)
[  523.164720][ T7291] Bluetooth: hci6: command 0xfc11 tx timeout
[  523.164836][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:30 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:30 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(0xffffffffffffffff)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:30 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:30 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:30 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  523.761687][    C0] scsi_io_completion_action: 1 callbacks suppressed
[  523.761727][    C0] sd 0:0:1:0: [sg0] tag#6996 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  523.778844][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB: Test Unit Ready
[  523.785330][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.794942][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.804556][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.814130][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.823735][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.833344][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.835481][    C1] sd 0:0:1:0: [sg0] tag#6997 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  523.842931][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.842948][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.853290][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB: Test Unit Ready
[  523.862825][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.862842][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.872389][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.878791][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.888329][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.897891][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.907427][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.916962][    C0] sd 0:0:1:0: [sg0] tag#6996 CDB[c0]: 00 00 00 00 00 00 00 00
[  523.926503][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.962611][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.972192][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.981782][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  523.991363][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.000937][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:31 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:31 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)

[  524.010526][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.020102][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.029676][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.034695][   T27] audit: type=1804 audit(1597266030.983:334): pid=15954 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/289/bus" dev="sda1" ino=16363 res=1 errno=0
[  524.039242][    C1] sd 0:0:1:0: [sg0] tag#6997 CDB[c0]: 00 00 00 00 00 00 00 00
[  524.179178][    C0] sd 0:0:1:0: [sg0] tag#7022 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  524.189682][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB: Test Unit Ready
[  524.196159][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.205741][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.215328][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.224952][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.234533][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.244080][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.253665][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.263250][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:31 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  524.272845][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.282436][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.292019][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.301603][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.311283][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:31 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)

[  524.436753][    C0] sd 0:0:1:0: [sg0] tag#6980 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  524.447208][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB: Test Unit Ready
[  524.453635][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.463240][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.474494][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.484062][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.493650][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.503241][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.512833][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.522423][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.532011][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.541596][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.551187][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.560779][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  524.570372][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:31 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0))
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:31 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:31 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(0xffffffffffffffff)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  524.924531][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[  524.924542][   T23] Bluetooth: hci7: command 0xfc11 tx timeout
[  525.031567][    C1] sd 0:0:1:0: [sg0] tag#7035 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  525.042012][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB: Test Unit Ready
[  525.048482][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.058078][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.067686][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.077296][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.086887][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.096476][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.106064][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.115662][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.125259][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.134846][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.144430][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.153978][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  525.163571][    C1] sd 0:0:1:0: [sg0] tag#7035 CDB[c0]: 00 00 00 00 00 00 00 00
[  525.231001][   T27] audit: type=1804 audit(1597266032.213:335): pid=15988 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/290/bus" dev="sda1" ino=16379 res=1 errno=0
[  526.124419][ T8237] Bluetooth: hci6: command 0xfc11 tx timeout
[  526.124444][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:33 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:33 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:33 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:33 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:33 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(0xffffffffffffffff)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  526.704834][    C0] sd 0:0:1:0: [sg0] tag#7039 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  526.715315][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB: Test Unit Ready
[  526.721743][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.731370][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.740967][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.750591][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.760185][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.769782][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.779381][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.788979][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:33 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

[  526.798585][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.808182][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.817778][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.827383][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.836979][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:33 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  526.857023][   T27] audit: type=1804 audit(1597266033.843:336): pid=16001 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/291/bus" dev="sda1" ino=16363 res=1 errno=0
[  526.912031][    C1] sd 0:0:1:0: [sg0] tag#7000 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  526.922434][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB: Test Unit Ready
[  526.928904][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.938484][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.948064][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.957641][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.967222][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.976799][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.986377][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  526.995970][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:34 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:34 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

[  527.005553][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.015244][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.024823][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.034397][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.043942][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[c0]: 00 00 00 00 00 00 00 00
[  527.075883][    C0] sd 0:0:1:0: [sg0] tag#7001 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  527.086317][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB: Test Unit Ready
[  527.092745][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.102381][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.111974][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.121561][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.131145][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.140734][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.150325][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.159929][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.169530][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.179126][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.188828][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.198422][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.208009][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[c0]: 00 00 00 00 00 00 00 00
[  527.265553][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[  527.274035][T10323] Bluetooth: hci7: command tx timeout
[  527.395694][    C1] sd 0:0:1:0: [sg0] tag#7003 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  527.406110][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB: Test Unit Ready
[  527.412537][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.422135][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.431751][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.441475][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.451086][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.460687][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.470290][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.479886][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.489483][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.499076][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.508668][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.518275][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.527866][    C1] sd 0:0:1:0: [sg0] tag#7003 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:34 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:34 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

21:00:34 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:34 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:34 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:34 executing program 0:
open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  527.883840][   T27] audit: type=1804 audit(1597266034.864:337): pid=16030 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/292/bus" dev="sda1" ino=16020 res=1 errno=0
[  527.916023][    C0] sd 0:0:1:0: [sg0] tag#7024 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  527.926496][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB: Test Unit Ready
[  527.932957][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.942564][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.952263][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.961875][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.971467][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.981047][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  527.990637][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.000219][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.009801][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.019389][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.028962][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.038553][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.048146][    C0] sd 0:0:1:0: [sg0] tag#7024 CDB[c0]: 00 00 00 00 00 00 00 00
[  528.057377][ T1546] Bluetooth: hci6: sending frame failed (-49)
21:00:35 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:35 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:35 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

21:00:35 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:35 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:35 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)

[  528.906801][    C0] scsi_io_completion_action: 3 callbacks suppressed
[  528.906840][    C0] sd 0:0:1:0: [sg0] tag#7028 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  528.923924][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB: Test Unit Ready
[  528.930346][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.939952][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.949538][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.959123][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.968710][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.978298][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.988834][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  528.998416][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  529.008017][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  529.017600][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  529.027190][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  529.036768][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  529.046344][    C0] sd 0:0:1:0: [sg0] tag#7028 CDB[c0]: 00 00 00 00 00 00 00 00
[  530.043893][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:37 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:37 executing program 0:
open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:37 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:37 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:37 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:37 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  530.678786][   T27] audit: type=1804 audit(1597266037.654:338): pid=16075 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/293/bus" dev="sda1" ino=16276 res=1 errno=0
[  530.714835][    C0] sd 0:0:1:0: [sg0] tag#7029 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  530.725395][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB: Test Unit Ready
[  530.731851][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.741467][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.751080][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.760663][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.770242][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.779825][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.789425][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.799019][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.808601][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.818182][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.827849][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.837430][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  530.847011][    C0] sd 0:0:1:0: [sg0] tag#7029 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:37 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:38 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:38 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:38 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:38 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:38 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:38 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:38 executing program 0:
open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:38 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:38 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:38 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:38 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

[  531.597204][   T27] audit: type=1804 audit(1597266038.584:339): pid=16102 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/294/bus" dev="sda1" ino=16179 res=1 errno=0
21:00:38 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:38 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:38 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:38 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:38 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:39 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:39 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:39 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:39 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:39 executing program 4:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:39 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:39 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  532.511797][    C1] sd 0:0:1:0: [sg0] tag#7030 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  532.522268][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB: Test Unit Ready
[  532.528763][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.538369][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.547977][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.557577][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.567187][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.576796][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.586406][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.595996][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.605583][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.615183][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.624858][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.634444][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.644034][    C1] sd 0:0:1:0: [sg0] tag#7030 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:39 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:00:39 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:39 executing program 4:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:39 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  532.701359][   T27] audit: type=1804 audit(1597266039.684:340): pid=16133 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/295/bus" dev="sda1" ino=16225 res=1 errno=0
21:00:39 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  532.904698][   T27] audit: type=1804 audit(1597266039.894:341): pid=16142 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/296/bus" dev="sda1" ino=16384 res=1 errno=0
[  532.942402][    C1] sd 0:0:1:0: [sg0] tag#7031 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  532.952834][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB: Test Unit Ready
[  532.959325][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.968940][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.978538][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  532.988139][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:40 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  532.997742][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.007367][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.016967][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.026576][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.036172][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.045773][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:40 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:40 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  533.055383][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.064977][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.074568][    C1] sd 0:0:1:0: [sg0] tag#7031 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:40 executing program 4:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:40 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  533.288078][   T27] audit: type=1804 audit(1597266040.274:342): pid=16153 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/297/bus" dev="sda1" ino=16383 res=1 errno=0
[  533.316694][    C0] sd 0:0:1:0: [sg0] tag#7032 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  533.327205][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB: Test Unit Ready
[  533.333693][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.343240][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.352831][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.362432][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.372016][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  533.381603][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.391191][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.400772][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.410351][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.420027][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.429615][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.439193][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.448788][    C0] sd 0:0:1:0: [sg0] tag#7032 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  533.478647][   T27] audit: type=1804 audit(1597266040.464:343): pid=16159 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/298/bus" dev="sda1" ino=16383 res=1 errno=0
21:00:40 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:40 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:40 executing program 4:
perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:40 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  533.643317][   T27] audit: type=1804 audit(1597266040.624:344): pid=16161 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/299/bus" dev="sda1" ino=16276 res=1 errno=0
21:00:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:40 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:40 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:40 executing program 4:
perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  533.818442][   T27] audit: type=1804 audit(1597266040.804:345): pid=16171 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/300/bus" dev="sda1" ino=16114 res=1 errno=0
[  533.850582][    C0] sd 0:0:1:0: [sg0] tag#7033 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  533.861001][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB: Test Unit Ready
[  533.867485][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.877064][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.886640][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.896234][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.905809][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  533.915388][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.924980][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.934572][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.944166][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.953754][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.963345][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.972895][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  533.982496][    C0] sd 0:0:1:0: [sg0] tag#7033 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:41 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:41 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  534.144900][   T27] audit: type=1804 audit(1597266041.134:346): pid=16183 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/301/bus" dev="sda1" ino=16371 res=1 errno=0
21:00:41 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:41 executing program 4:
perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  534.320046][    C0] sd 0:0:1:0: [sg0] tag#7012 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  534.330508][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB: Test Unit Ready
[  534.337091][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.346705][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.356325][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.365924][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.375521][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.385134][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.394730][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.404332][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.413931][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.423528][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.433084][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.442691][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.452277][    C0] sd 0:0:1:0: [sg0] tag#7012 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:41 executing program 5:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:41 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:41 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  534.762157][    C1] sd 0:0:1:0: [sg0] tag#6996 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  534.772643][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB: Test Unit Ready
[  534.779144][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.788755][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.798343][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.807945][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.817536][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.827127][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.836713][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.846303][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.855893][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.865481][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.875065][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.884643][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  534.894236][    C1] sd 0:0:1:0: [sg0] tag#6996 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:41 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:41 executing program 5:
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:42 executing program 1:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:42 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  535.086807][    C0] sd 0:0:1:0: [sg0] tag#6998 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  535.097282][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB: Test Unit Ready
[  535.103795][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.113408][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.122994][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.132595][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.142207][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.151809][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.161521][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.171119][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:42 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  535.180727][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.190327][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.199919][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.209514][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.219106][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:42 executing program 5:
chmod(0x0, 0x4d)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  535.360041][   T27] audit: type=1804 audit(1597266042.344:347): pid=16218 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/302/bus" dev="sda1" ino=16381 res=1 errno=0
21:00:42 executing program 1:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:42 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  535.542951][    C0] sd 0:0:1:0: [sg0] tag#7035 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  535.553393][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB: Test Unit Ready
[  535.559824][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.569429][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.579041][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.588630][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.598228][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.607813][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.617398][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.626992][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.636593][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.646206][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.655789][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.665373][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  535.674967][    C0] sd 0:0:1:0: [sg0] tag#7035 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:42 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:42 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  536.923137][ T7291] Bluetooth: hci6: command 0xfc11 tx timeout
[  536.928582][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:44 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:44 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:44 executing program 1:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:44 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:44 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:44 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  537.545815][    C0] sd 0:0:1:0: [sg0] tag#7034 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  537.556288][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB: Test Unit Ready
[  537.562716][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.572321][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.581897][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.591491][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.601069][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.610645][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.620225][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.629798][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.639389][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.648971][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.658549][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.668121][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  537.677716][    C0] sd 0:0:1:0: [sg0] tag#7034 CDB[c0]: 00 00 00 00 00 00 00 00
[  537.685411][   T27] audit: type=1804 audit(1597266044.595:348): pid=16248 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/303/bus" dev="sda1" ino=16357 res=1 errno=0
[  537.720599][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
21:00:44 executing program 1:
perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:44 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:44 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:45 executing program 1:
perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  538.027165][    C0] sd 0:0:1:0: [sg0] tag#7026 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  538.037668][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB: Test Unit Ready
[  538.044150][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.053735][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.063426][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.073010][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.082567][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.092160][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.101747][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.111353][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:45 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  538.120944][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.130532][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.140125][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.149709][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.159292][    C0] sd 0:0:1:0: [sg0] tag#7026 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:45 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  538.344074][   T58] Bluetooth: hci7: Frame reassembly failed (-84)
[  538.459729][    C0] sd 0:0:1:0: [sg0] tag#7039 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  538.470201][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB: Test Unit Ready
[  538.476686][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.486271][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.495857][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.505471][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.515059][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.524639][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.534219][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.543807][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.553398][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.562984][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.572535][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.582124][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  538.591735][    C0] sd 0:0:1:0: [sg0] tag#7039 CDB[c0]: 00 00 00 00 00 00 00 00
[  539.722685][T10323] Bluetooth: hci6: command 0xfc11 tx timeout
[  539.722789][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:47 executing program 1:
perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:47 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:47 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:47 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  540.369473][    C0] sd 0:0:1:0: [sg0] tag#6976 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  540.379939][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB: Test Unit Ready
[  540.386448][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.396048][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.405654][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.415249][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.424839][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.434427][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.444022][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.453615][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:47 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  540.463208][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.472795][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.482565][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.492119][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  540.501717][    C0] sd 0:0:1:0: [sg0] tag#6976 CDB[c0]: 00 00 00 00 00 00 00 00
[  540.528172][   T27] audit: type=1804 audit(1597266047.515:349): pid=16286 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/304/bus" dev="sda1" ino=16359 res=1 errno=0
[  540.778065][T10323] Bluetooth: hci7: command 0xfc11 tx timeout
[  540.784251][ T1546] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:00:47 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:47 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  541.118494][    C1] sd 0:0:1:0: [sg0] tag#7013 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  541.128975][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB: Test Unit Ready
[  541.135504][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.145244][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.154876][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.164606][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.174226][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.183841][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.193465][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.203078][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:48 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  541.212714][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.222281][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.231908][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.241530][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.251166][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:48 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:48 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:48 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:48 executing program 3:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  541.523062][    C1] sd 0:0:1:0: [sg0] tag#7014 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  541.533533][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB: Test Unit Ready
[  541.539972][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.549612][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.559251][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.568894][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.578517][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.588136][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.597754][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.607373][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.616991][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.626607][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.635251][   T21] Bluetooth: hci6: Frame reassembly failed (-84)
[  541.636203][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.652064][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  541.661694][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:48 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  541.705352][   T27] audit: type=1804 audit(1597266048.695:350): pid=16308 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/305/bus" dev="sda1" ino=16354 res=1 errno=0
[  541.789878][T15657] Bluetooth: hci7: sending frame failed (-49)
21:00:49 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:49 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:49 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  542.233427][    C0] sd 0:0:1:0: [sg0] tag#7007 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  542.243904][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB: Test Unit Ready
[  542.250343][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.259968][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.269590][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.279216][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.288838][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.298463][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.308078][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.317707][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:49 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  542.327329][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.336949][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.346568][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.356184][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.365791][    C0] sd 0:0:1:0: [sg0] tag#7007 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:49 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:49 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  542.622235][    C0] sd 0:0:1:0: [sg0] tag#6980 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  542.632739][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB: Test Unit Ready
[  542.639173][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.648792][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.658409][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.668039][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.677659][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.687289][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.697519][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.707136][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.716763][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.726370][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.735977][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.745590][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.755203][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[c0]: 00 00 00 00 00 00 00 00
[  542.846140][   T27] audit: type=1804 audit(1597266049.835:351): pid=16336 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/306/bus" dev="sda1" ino=16377 res=1 errno=0
[  543.572356][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  543.802349][ T7291] Bluetooth: hci7: command 0xfc11 tx timeout
[  543.808157][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:00:51 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:51 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:51 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:51 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  544.239155][   T21] Bluetooth: hci6: Frame reassembly failed (-84)
[  544.248469][    C0] sd 0:0:1:0: [sg0] tag#6998 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  544.258931][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB: Test Unit Ready
[  544.265427][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.275015][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.284607][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.294199][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.303788][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.313364][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.322989][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:51 executing program 3:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:51 executing program 0:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:00:51 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  544.332563][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.342162][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.351734][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.361311][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.370913][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.380526][    C0] sd 0:0:1:0: [sg0] tag#6998 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:51 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  544.492006][   T27] audit: type=1804 audit(1597266051.475:352): pid=16358 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/307/bus" dev="sda1" ino=16372 res=1 errno=0
21:00:51 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:51 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:51 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  544.910182][    C0] sd 0:0:1:0: [sg0] tag#6999 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  544.920624][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB: Test Unit Ready
[  544.927138][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.936759][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.946386][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.956003][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.965610][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.975221][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.984829][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  544.994440][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.004051][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.013668][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.023276][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.032893][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.042504][    C0] sd 0:0:1:0: [sg0] tag#6999 CDB[c0]: 00 00 00 00 00 00 00 00
[  545.054443][    C0] sd 0:0:1:0: [sg0] tag#7000 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  545.064900][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB: Test Unit Ready
[  545.071339][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.080951][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.090567][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.100208][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.109824][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.119435][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.129063][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.138681][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.148296][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:52 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  545.157911][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.167532][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.177150][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  545.186764][    C0] sd 0:0:1:0: [sg0] tag#7000 CDB[c0]: 00 00 00 00 00 00 00 00
[  546.282410][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  546.290714][ T8130] Bluetooth: hci6: command tx timeout
[  546.602054][T10323] Bluetooth: hci7: command 0xfc11 tx timeout
[  546.602117][ T1546] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:00:53 executing program 2:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:53 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:53 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:53 executing program 0:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  546.859760][   T27] audit: type=1804 audit(1597266053.846:353): pid=16389 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/308/bus" dev="sda1" ino=16380 res=1 errno=0
[  546.962672][    C0] sd 0:0:1:0: [sg0] tag#7001 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  546.973145][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB: Test Unit Ready
[  546.979586][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  546.989227][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  546.998859][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.008469][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.018090][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.027762][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.037380][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.047009][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.056617][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.066321][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.075941][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.085555][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.095170][    C0] sd 0:0:1:0: [sg0] tag#7001 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:54 executing program 3:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:54 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:54 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:54 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  547.470996][    C1] sd 0:0:1:0: [sg0] tag#7002 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  547.481505][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB: Test Unit Ready
[  547.488026][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.497639][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.507272][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.516887][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.526513][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.536119][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.545728][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.555371][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:54 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  547.564984][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.574595][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.584203][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.593816][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  547.603432][    C1] sd 0:0:1:0: [sg0] tag#7002 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:54 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:54 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:54 executing program 0:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  547.907789][   T27] audit: type=1804 audit(1597266054.896:354): pid=16427 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/309/bus" dev="sda1" ino=16372 res=1 errno=0
[  549.002036][ T8237] Bluetooth: hci6: command 0xfc11 tx timeout
[  549.002713][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:56 executing program 2:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:56 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:56 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:56 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  549.481650][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[  549.598442][   T21] Bluetooth: hci6: Frame reassembly failed (-84)
[  549.648863][    C0] sd 0:0:1:0: [sg0] tag#7008 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  549.659336][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB: Test Unit Ready
[  549.665831][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.675440][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.685064][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.694710][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.704326][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.713946][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.723561][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.733173][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.742786][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.752400][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.762016][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.771610][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  549.781170][    C0] sd 0:0:1:0: [sg0] tag#7008 CDB[c0]: 00 00 00 00 00 00 00 00
21:00:57 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:57 executing program 0:
r0 = open(0x0, 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:00:57 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:57 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:57 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  550.169951][    C1] sd 0:0:1:0: [sg0] tag#7009 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  550.180425][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB: Test Unit Ready
[  550.183233][   T27] audit: type=1804 audit(1597266057.166:355): pid=16453 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/310/bus" dev="sda1" ino=16359 res=1 errno=0
[  550.186914][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.220124][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.229736][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.239350][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.248959][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.258570][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:57 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  550.268180][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.277795][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.287410][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.297023][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.306646][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:00:57 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:57 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  550.316261][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  550.325901][    C1] sd 0:0:1:0: [sg0] tag#7009 CDB[c0]: 00 00 00 00 00 00 00 00
[  550.419636][  T198] Bluetooth: hci7: Frame reassembly failed (-84)
[  551.641448][ T2545] Bluetooth: hci6: command 0xfc11 tx timeout
[  551.641468][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:00:59 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:59 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:59 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:00:59 executing program 2:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  552.288632][    C1] sd 0:0:1:0: [sg0] tag#7010 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  552.299266][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB: Test Unit Ready
[  552.305807][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.315430][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.325396][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.335037][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.344660][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.354459][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.364200][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.373823][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.383447][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.393185][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.402945][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.412571][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  552.422386][    C1] sd 0:0:1:0: [sg0] tag#7010 CDB[c0]: 00 00 00 00 00 00 00 00
[  552.432722][  T198] Bluetooth: hci6: Frame reassembly failed (-84)
[  552.441349][ T1546] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:00:59 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:00:59 executing program 0:
r0 = open(0x0, 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:00:59 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:59 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:00:59 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  553.039788][   T27] audit: type=1804 audit(1597266060.016:356): pid=16501 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/311/bus" dev="sda1" ino=16367 res=1 errno=0
[  553.079606][    C0] sd 0:0:1:0: [sg0] tag#7011 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  553.090209][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB: Test Unit Ready
[  553.096874][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.106855][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.116588][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.126214][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.136021][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.145628][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.155569][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.165584][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.175273][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:00 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:00 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  553.185057][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.194681][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.204304][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.214176][    C0] sd 0:0:1:0: [sg0] tag#7011 CDB[c0]: 00 00 00 00 00 00 00 00
21:01:00 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:00 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  553.267511][   T58] Bluetooth: hci7: Frame reassembly failed (-84)
21:01:00 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:00 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

[  553.548733][    C1] sd 0:0:1:0: [sg0] tag#7012 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  553.559398][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB: Test Unit Ready
[  553.565913][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.575528][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.585135][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.594766][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.604506][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.614123][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.623762][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.633379][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.643137][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.652750][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.662366][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.671977][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  553.681623][    C1] sd 0:0:1:0: [sg0] tag#7012 CDB[c0]: 00 00 00 00 00 00 00 00
[  554.441176][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  554.449467][ T8237] Bluetooth: hci6: command tx timeout
21:01:01 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  555.013168][T15657] Bluetooth: hci6: sending frame failed (-49)
[  555.320986][   T23] Bluetooth: hci7: command 0xfc11 tx timeout
[  555.331069][ T1546] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:01:02 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:02 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:02 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:02 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:02 executing program 0:
r0 = open(0x0, 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:02 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

[  555.926078][   T27] audit: type=1804 audit(1597266062.907:357): pid=16540 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/312/bus" dev="sda1" ino=16369 res=1 errno=0
[  556.019301][   T21] Bluetooth: hci7: Frame reassembly failed (-84)
[  556.032403][    C1] sd 0:0:1:0: [sg0] tag#7013 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  556.042881][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB: Test Unit Ready
[  556.049482][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.059413][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.069032][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.078671][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.088446][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.098183][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.108039][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:03 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  556.117670][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.127305][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.137259][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.146876][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.156584][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:03 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, 0x0, 0x0, 0x0)

[  556.166202][    C1] sd 0:0:1:0: [sg0] tag#7013 CDB[c0]: 00 00 00 00 00 00 00 00
21:01:03 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:03 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:03 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, 0x0, 0x0, 0x0)

[  556.494360][    C1] sd 0:0:1:0: [sg0] tag#7014 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  556.505015][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB: Test Unit Ready
[  556.511523][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.521154][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.530772][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.540335][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.549961][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.559574][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.569179][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.578799][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.588420][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.598040][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.607655][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.617280][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  556.626907][    C1] sd 0:0:1:0: [sg0] tag#7014 CDB[c0]: 00 00 00 00 00 00 00 00
[  557.080920][ T8130] Bluetooth: hci6: command 0xfc11 tx timeout
[  557.086580][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:01:04 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  557.645560][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
[  558.040944][ T8237] Bluetooth: hci7: command 0xfc11 tx timeout
[  558.041025][ T1546] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:01:05 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, 0x0, 0x0, 0x0)

21:01:05 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:05 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:05 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:05 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  558.674304][   T27] audit: type=1804 audit(1597266065.657:358): pid=16582 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/313/bus" dev="sda1" ino=16357 res=1 errno=0
[  558.688767][    C0] sd 0:0:1:0: [sg0] tag#7015 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  558.708848][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB: Test Unit Ready
[  558.715558][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.725263][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.734971][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.744594][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.754222][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.763952][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:05 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:05 executing program 4:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  558.773572][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.783174][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.792775][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.802377][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.811976][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:05 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  558.821574][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.831173][    C0] sd 0:0:1:0: [sg0] tag#7015 CDB[c0]: 00 00 00 00 00 00 00 00
[  558.946068][    C0] sd 0:0:1:0: [sg0] tag#7036 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  558.956717][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB: Test Unit Ready
[  558.963198][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.972875][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.982505][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  558.992104][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.001704][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.011302][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.021142][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.030737][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:06 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:06 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  559.040323][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.050049][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.059646][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.069240][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.078833][    C0] sd 0:0:1:0: [sg0] tag#7036 CDB[c0]: 00 00 00 00 00 00 00 00
21:01:06 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

[  559.270835][    C0] sd 0:0:1:0: [sg0] tag#7037 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  559.281466][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB: Test Unit Ready
[  559.287907][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.297532][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.307146][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.316843][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.326443][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.336199][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.345947][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.355555][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.365161][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.374757][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.384348][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.394028][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  559.403626][    C0] sd 0:0:1:0: [sg0] tag#7037 CDB[c0]: 00 00 00 00 00 00 00 00
[  559.640620][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:01:07 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:07 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:07 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:07 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:07 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:07 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:07 executing program 4:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  560.228284][   T27] audit: type=1804 audit(1597266067.207:359): pid=16614 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/314/bus" dev="sda1" ino=16085 res=1 errno=0
[  560.307181][    C0] sd 0:0:1:0: [sg0] tag#7038 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  560.317654][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB: Test Unit Ready
[  560.324416][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.334345][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.343947][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.353543][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.363138][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.372728][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.382331][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.391942][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:07 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, 0x0, 0x0, 0x0)

[  560.401540][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.411382][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.421152][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.430947][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.440543][    C0] sd 0:0:1:0: [sg0] tag#7038 CDB[c0]: 00 00 00 00 00 00 00 00
[  560.456488][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
[  560.475905][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
[  560.476234][    C1] sd 0:0:1:0: [sg0] tag#7039 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  560.492939][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB: Test Unit Ready
[  560.499380][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.509006][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.518628][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.528240][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.537861][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.547632][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:07 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, 0x0, 0x0, 0x0)

[  560.557257][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.566886][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.576597][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.586373][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.595987][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:07 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  560.605605][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.615245][    C1] sd 0:0:1:0: [sg0] tag#7039 CDB[c0]: 00 00 00 00 00 00 00 00
21:01:07 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, 0x0, 0x0, 0x0)

21:01:07 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  560.837668][    C1] sd 0:0:1:0: [sg0] tag#6976 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  560.848351][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB: Test Unit Ready
[  560.854865][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.864467][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.874256][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.883859][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.893712][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.903320][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.912920][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.922670][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.932277][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.941886][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.951494][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.961095][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  560.970695][    C1] sd 0:0:1:0: [sg0] tag#6976 CDB[c0]: 00 00 00 00 00 00 00 00
[  562.440211][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:01:09 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:09 executing program 4:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:09 executing program 1:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:09 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:09 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:09 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  563.058226][    C1] sd 0:0:1:0: [sg0] tag#6977 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  563.068654][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB: Test Unit Ready
[  563.075153][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.084759][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.094371][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.103991][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.113588][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.120690][    C0] sd 0:0:1:0: [sg0] tag#6978 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  563.123170][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.123189][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.123206][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.133575][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB: Test Unit Ready
[  563.143134][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.152717][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.162276][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.162294][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.168683][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.178233][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.187772][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.197311][    C1] sd 0:0:1:0: [sg0] tag#6977 CDB[c0]: 00 00 00 00 00 00 00 00
[  563.206849][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.250365][   T27] audit: type=1804 audit(1597266070.228:360): pid=16653 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/315/bus" dev="sda1" ino=16379 res=1 errno=0
[  563.252522][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.285709][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.295304][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.304907][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.314504][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.324107][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.333724][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.343323][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.352924][    C0] sd 0:0:1:0: [sg0] tag#6978 CDB[c0]: 00 00 00 00 00 00 00 00
21:01:10 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:10 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:10 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  563.789077][    C0] sd 0:0:1:0: [sg0] tag#6980 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  563.799608][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB: Test Unit Ready
[  563.806099][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.815696][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.825289][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.834896][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.844495][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.854089][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.863683][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.873280][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.882877][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.892479][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.899045][    C1] sd 0:0:1:0: [sg0] tag#6979 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  563.902057][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.912398][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB: Test Unit Ready
[  563.921919][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.928310][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.937845][    C0] sd 0:0:1:0: [sg0] tag#6980 CDB[c0]: 00 00 00 00 00 00 00 00
[  563.947384][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.964404][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.973999][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.983594][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  563.993189][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.002788][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.012387][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.021988][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:11 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:11 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:11 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(0x0, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:11 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  564.031592][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.041188][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.050789][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.060372][    C1] sd 0:0:1:0: [sg0] tag#6979 CDB[c0]: 00 00 00 00 00 00 00 00
21:01:11 executing program 4:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:11 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  564.384932][    C1] sd 0:0:1:0: [sg0] tag#6982 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  564.395430][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB: Test Unit Ready
[  564.401962][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.411560][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.421153][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.430786][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.440375][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.449965][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.459511][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.469106][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:11 executing program 4:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  564.478700][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.488299][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.497905][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.507506][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.517108][    C1] sd 0:0:1:0: [sg0] tag#6982 CDB[c0]: 00 00 00 00 00 00 00 00
21:01:11 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  564.540534][   T27] audit: type=1804 audit(1597266071.418:361): pid=16685 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/316/bus" dev="sda1" ino=16369 res=1 errno=0
[  564.579960][   T27] audit: type=1804 audit(1597266071.528:362): pid=16687 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/348/bus" dev="sda1" ino=16367 res=1 errno=0
[  564.700382][    C0] sd 0:0:1:0: [sg0] tag#7010 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  564.710921][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB: Test Unit Ready
[  564.717358][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.727005][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.736631][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.746267][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.755872][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.765491][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.775104][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.784711][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:11 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  564.794321][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.803928][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.813536][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.823150][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.832760][    C0] sd 0:0:1:0: [sg0] tag#7010 CDB[c0]: 00 00 00 00 00 00 00 00
21:01:12 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:12 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(0x0, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:12 executing program 4:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:01:12 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:12 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:01:12 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  565.549905][   T27] audit: type=1804 audit(1597266072.528:363): pid=16706 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/317/bus" dev="sda1" ino=16373 res=1 errno=0
[  565.696405][   T27] audit: type=1804 audit(1597266072.588:364): pid=16707 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir524528604/syzkaller.wgtRSl/217/bus" dev="sda1" ino=16384 res=1 errno=0
21:01:12 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:12 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  565.992361][   T27] audit: type=1804 audit(1597266072.968:365): pid=16716 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir504584553/syzkaller.tMLelO/349/bus" dev="sda1" ino=16380 res=1 errno=0
21:01:13 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(0x0, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:13 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:13 executing program 5:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:13 executing program 4:
chmod(0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

21:01:13 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:13 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

[  566.811456][   T27] audit: type=1804 audit(1597266073.798:366): pid=16729 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/318/bus" dev="sda1" ino=16371 res=1 errno=0
[  566.907425][    C0] sd 0:0:1:0: [sg0] tag#7022 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  566.917966][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB: Test Unit Ready
[  566.924449][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  566.934068][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  566.943680][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  566.953315][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  566.962925][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  566.972530][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  566.982225][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  566.991831][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
21:01:13 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  567.001435][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.011032][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.015034][    C1] sd 0:0:1:0: [sg0] tag#7000 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  567.020611][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.030953][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB: Test Unit Ready
[  567.040474][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.046996][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.056512][    C0] sd 0:0:1:0: [sg0] tag#7022 CDB[c0]: 00 00 00 00 00 00 00 00
[  567.066069][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.083081][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.092669][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.102263][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.111871][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.121467][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.131055][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.140651][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.150252][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.159857][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.169412][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  567.179010][    C1] sd 0:0:1:0: [sg0] tag#7000 CDB[c0]: 00 00 00 00 00 00 00 00
21:01:14 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:14 executing program 1:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:14 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:14 executing program 4:
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000200))
chmod(0x0, 0x4d)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

21:01:14 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:14 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:14 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:14 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  567.900935][   T21] Bluetooth: hci6: Frame reassembly failed (-84)
[  567.909193][   T27] audit: type=1804 audit(1597266074.888:367): pid=16756 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/319/bus" dev="sda1" ino=16371 res=1 errno=0
21:01:15 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:15 executing program 4:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x1)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:15 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:15 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:15 executing program 4:
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r0, &(0x7f0000000380)=ANY=[@ANYBLOB='#! ./file0 '], 0x191)
close(r0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000005c0))
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

21:01:15 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:15 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:15 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x2800, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000100)="d800000018008109e00f80ecdb4cb904021d65effd02fc05e8fe55a10a000700ac14142603000e1208000400300000000300040008000300e558f030035c3b61c1d67f6f94007134cf6efb80002007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1ddd322fe7c9f8775730d16a4683e4f6d0200003f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9566701800000000000005ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703", 0xd8}], 0x1}, 0x0)

21:01:15 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  568.812735][   T27] audit: type=1804 audit(1597266075.798:368): pid=16780 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/320/bus" dev="sda1" ino=16366 res=1 errno=0
21:01:15 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  568.873411][T16784] netlink: 'syz-executor.4': attribute type 7 has an invalid length.
[  568.893065][T16784] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.4'.
[  568.941244][T16788] netlink: 'syz-executor.4': attribute type 7 has an invalid length.
[  568.956563][T16788] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.4'.
[  569.959515][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  569.968120][   T23] Bluetooth: hci6: command tx timeout
21:01:17 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:17 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80]})

21:01:17 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:17 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:17 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:17 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:17 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  570.661870][   T27] audit: type=1804 audit(1597266077.648:369): pid=16811 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/321/bus" dev="sda1" ino=16371 res=1 errno=0
21:01:17 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000180)={'mangle\x00', 0x2, [{}, {}]}, 0x48)

[  570.732242][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
21:01:17 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:17 executing program 4:
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000280), 0x10)

21:01:18 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:18 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  572.759170][   T23] Bluetooth: hci6: command 0xfc11 tx timeout
[  572.759198][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:01:20 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:20 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0x0, 0x0, 0xd0e0000, 0x0, 0x100, 0x3c8, 0x1d8, 0x1d8, 0x3c8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @loopback, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0x2c8, 0x2f0, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@bpf0={{0x230, 'bpf\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6e], 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x4c0)

21:01:20 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:20 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:20 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:20 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:20 executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x10010000004e20}, 0x1c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @local, 0x7}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

[  573.353918][T16850] xt_bpf: check failed: parse error
[  573.404457][   T21] Bluetooth: hci6: Frame reassembly failed (-84)
21:01:20 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  573.445392][   T27] audit: type=1804 audit(1597266080.429:370): pid=16857 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/322/bus" dev="sda1" ino=16357 res=1 errno=0
21:01:20 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:20 executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x10010000004e20}, 0x1c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @local, 0x7}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

21:01:20 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:20 executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x10010000004e20}, 0x1c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @local, 0x7}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

[  575.405929][    T0] NOHZ: local_softirq_pending 08
[  575.488893][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  575.497261][ T2545] Bluetooth: hci6: command tx timeout
21:01:23 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)

21:01:23 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:23 executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x10010000004e20}, 0x1c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @local, 0x7}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

21:01:23 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:23 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:23 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:23 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:23 executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x10010000004e20}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

[  576.192990][   T27] audit: type=1804 audit(1597266083.179:371): pid=16890 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/323/bus" dev="sda1" ino=16354 res=1 errno=0
21:01:23 executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x10010000004e20}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

21:01:23 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:23 executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x10010000004e20}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

21:01:23 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
sendmmsg(r1, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:25 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)

21:01:25 executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x88)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @local, 0x7}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

21:01:25 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:25 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:25 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:25 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  578.198650][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  578.206959][ T2545] Bluetooth: hci6: command tx timeout
21:01:25 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  578.343214][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
21:01:25 executing program 4:
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @local, 0x7}, 0x1c)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

[  578.393153][T15657] Bluetooth: hci7: sending frame failed (-49)
21:01:25 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  578.463296][   T27] audit: type=1804 audit(1597266085.449:372): pid=16927 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/324/bus" dev="sda1" ino=16357 res=1 errno=0
21:01:25 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d90"], 0x0)

21:01:25 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, 0x0, 0x0, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:25 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, 0x0, 0x0)

21:01:27 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)

21:01:27 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, 0x0, 0x0, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:27 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, 0x0, 0x0)

21:01:27 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  580.358417][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  580.438522][T10323] Bluetooth: hci7: command 0x1003 tx timeout
[  580.444866][ T6858] Bluetooth: hci7: sending frame failed (-49)
[  580.493358][  T198] Bluetooth: hci6: Frame reassembly failed (-84)
[  582.518178][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  582.526663][ T2545] Bluetooth: hci6: command tx timeout
[  582.532220][ T2545] Bluetooth: hci7: command 0x1001 tx timeout
[  582.542195][ T6858] Bluetooth: hci7: sending frame failed (-49)
[  584.598043][ T2545] Bluetooth: hci7: command 0x1009 tx timeout
21:01:35 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:35 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:35 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, 0x0, 0x0)

21:01:35 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r1, 0x0, 0x0, 0x0)
write$binfmt_misc(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

21:01:35 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:35 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:36 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[], 0x0)

[  588.990336][  T354] Bluetooth: hci6: Frame reassembly failed (-84)
21:01:36 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  589.077725][   T27] audit: type=1804 audit(1597266096.060:373): pid=16976 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/325/bus" dev="sda1" ino=16366 res=1 errno=0
21:01:36 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[], 0x0)

21:01:36 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[], 0x0)

21:01:36 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x0)

21:01:36 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x0)

[  590.997300][ T7291] Bluetooth: hci6: command 0x1003 tx timeout
[  591.004343][ T6858] Bluetooth: hci6: sending frame failed (-49)
[  593.077126][ T7291] Bluetooth: hci6: command 0x1001 tx timeout
[  593.083599][ T6858] Bluetooth: hci6: sending frame failed (-49)
[  595.156987][ T7291] Bluetooth: hci6: command 0x1009 tx timeout
21:01:46 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:46 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

21:01:46 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:46 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:46 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x0)

21:01:46 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:46 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f00"], 0x0)

21:01:46 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000000700fff64017db9820000000000000d423ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d23822c013286344c03948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80819a277d9079cc4cb5e0ab17b299b81f2d274014ae40b81d030000d2fbea75e16af8ffffffffffffff0627ec60cb274e00da971f333396d74c92fad7e34bd5522400cc36c2442eac2d224609abe062060800000200000000000000000000f390d71cc6092cddd3b056f3fc65d61c2b3c65f2f80a61ea6e457ebc93a71b20e03b86d4e999bbb53a0e786b6d985f7f04533da93f7b0ee0ceb0e80600cff8ca2996e518e3e69051f6d243e0e9b2be17f9ebfeb82ee2469fb39bdbb2768d25f19600002dc045421b94d878d0d9c2a5c74633b6cd8ae563734d4f1089a687a135308e517ac7bb2994ccc7e054d3f18cb770e4908dd3deaafaab51144c1e1b86b6291f5e73ff040000000000000000000000000000009a583b79ab00f71d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01a"], 0x259)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  599.314673][   T27] audit: type=1804 audit(1597266106.301:374): pid=17011 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/326/bus" dev="sda1" ino=15816 res=1 errno=0
21:01:46 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f00"], 0x0)

21:01:46 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f00"], 0x0)

21:01:46 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x259)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

21:01:46 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000"], 0x0)

[  601.326587][T10323] Bluetooth: hci6: command 0x1003 tx timeout
[  601.333462][ T6858] Bluetooth: hci6: sending frame failed (-49)
[  603.406259][ T2545] Bluetooth: hci6: command 0x1001 tx timeout
[  603.413109][ T6858] Bluetooth: hci6: sending frame failed (-49)
[  605.476391][ T8237] Bluetooth: hci6: command 0x1009 tx timeout
21:01:56 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:56 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:56 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:56 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000"], 0x0)

21:01:56 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x259)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

21:01:56 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:01:56 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000"], 0x0)

[  609.529865][   T27] audit: type=1804 audit(1597266116.522:375): pid=17050 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/327/bus" dev="sda1" ino=15830 res=1 errno=0
21:01:56 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff020000000000000000000000000001"], 0x0)

21:01:56 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x259)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

21:01:56 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff020000000000000000000000000001"], 0x0)

21:01:56 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff020000000000000000000000000001"], 0x0)

21:01:56 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20"], 0x0)

[  611.475433][   T23] Bluetooth: hci6: command 0x1003 tx timeout
[  611.482363][T15657] Bluetooth: hci6: sending frame failed (-49)
[  611.555511][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:01:59 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:01:59 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  613.555254][ T7291] Bluetooth: hci6: command 0x1001 tx timeout
[  613.561385][T15657] Bluetooth: hci6: sending frame failed (-49)
[  614.205254][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[  614.205272][T10323] Bluetooth: hci7: command 0xfc11 tx timeout
[  615.635140][   T23] Bluetooth: hci6: command 0x1009 tx timeout
21:02:06 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:06 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20"], 0x0)

21:02:06 executing program 5:
chmod(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x259)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

21:02:06 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:02:06 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:06 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  619.689719][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
21:02:06 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20"], 0x0)

[  619.759824][   T27] audit: type=1804 audit(1597266126.753:376): pid=17101 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/328/bus" dev="sda1" ino=15853 res=1 errno=0
[  619.795007][T15657] Bluetooth: hci7: sending frame failed (-49)
21:02:06 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d"], 0x0)

21:02:07 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, 0x0, 0x0)
bind$inet6(r1, &(0x7f0000000500)={0xa, 0x2}, 0x1c)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x2, @local}, 0x10)
getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

21:02:07 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d"], 0x0)

21:02:07 executing program 4:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaabfaaaaaaaa86dd601b11bb004d8880fe800001087a1d2f0000000000000600ff02000000000000000000000000000101004e20004d"], 0x0)

21:02:07 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

[  620.110500][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  620.128298][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  621.714602][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  621.722962][ T2545] Bluetooth: hci6: command tx timeout
[  621.874542][ T2545] Bluetooth: hci7: command 0x1003 tx timeout
[  621.882008][ T1546] Bluetooth: hci7: sending frame failed (-49)
[  623.954364][ T2545] Bluetooth: hci7: command 0x1001 tx timeout
[  623.960932][ T1546] Bluetooth: hci7: sending frame failed (-49)
[  626.034241][T10323] Bluetooth: hci7: command 0x1009 tx timeout
21:02:16 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:16 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:16 executing program 4:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10)

21:02:16 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

21:02:16 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:02:16 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:16 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

21:02:16 executing program 4:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe1}]}, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r0, &(0x7f00000012c0)="20048a927f1f6588b927481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a750fbf746bec66ba", 0xfe6a, 0xe, 0x0, 0xfffffffffffffe2b)

[  629.965239][  T354] Bluetooth: hci6: Frame reassembly failed (-84)
[  629.991136][T15657] Bluetooth: hci7: sending frame failed (-49)
21:02:17 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

[  630.091436][   T27] audit: type=1804 audit(1597266137.084:377): pid=17150 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/329/bus" dev="sda1" ino=15878 res=1 errno=0
21:02:17 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

21:02:17 executing program 4:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef420000000109021b000176006e0009"], 0x0)

21:02:17 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

[  630.674099][ T7291] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  630.933755][ T7291] usb 5-1: Using ep0 maxpacket: 8
[  631.063812][ T7291] usb 5-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[  631.074267][ T7291] usb 5-1: config 118 has 0 interfaces, different from the descriptor's value: 1
[  631.083428][ T7291] usb 5-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  631.093794][ T7291] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.348903][ T2545] usb 5-1: USB disconnect, device number 47
[  632.033732][ T7291] Bluetooth: hci7: command 0x1003 tx timeout
[  632.039059][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  632.039810][T15657] Bluetooth: hci7: sending frame failed (-49)
[  632.039874][ T7291] Bluetooth: hci6: command 0xfc11 tx timeout
[  632.143695][ T8130] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  632.413598][ T8130] usb 5-1: Using ep0 maxpacket: 8
[  632.533982][ T8130] usb 5-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[  632.544450][ T8130] usb 5-1: config 118 has 0 interfaces, different from the descriptor's value: 1
[  632.554098][ T8130] usb 5-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  632.563149][ T8130] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.834671][ T7291] usb 5-1: USB disconnect, device number 48
[  634.113482][ T2545] Bluetooth: hci7: command 0x1001 tx timeout
[  634.120274][ T6858] Bluetooth: hci7: sending frame failed (-49)
[  636.193515][ T8130] Bluetooth: hci7: command 0x1009 tx timeout
21:02:27 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:27 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:27 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

21:02:27 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:02:27 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:27 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x2bf, 0x0, 0x32}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)

[  640.185740][  T354] Bluetooth: hci6: Frame reassembly failed (-84)
21:02:27 executing program 5:
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)

[  640.227461][   T27] audit: type=1804 audit(1597266147.225:378): pid=17211 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/330/bus" dev="sda1" ino=15904 res=1 errno=0
21:02:27 executing program 5:
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)

21:02:27 executing program 4:

21:02:27 executing program 4:

21:02:27 executing program 5:
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)

21:02:27 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  642.202838][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  642.211256][   T12] Bluetooth: hci6: command tx timeout
[  642.272826][   T12] Bluetooth: hci7: command 0xfc11 tx timeout
[  642.273136][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:02:29 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:29 executing program 4:

21:02:29 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

21:02:29 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:29 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:29 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:29 executing program 4:

21:02:29 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

[  642.867247][  T354] Bluetooth: hci6: Frame reassembly failed (-84)
[  642.958090][   T27] audit: type=1804 audit(1597266149.955:379): pid=17248 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/331/bus" dev="sda1" ino=15929 res=1 errno=0
21:02:30 executing program 4:

21:02:30 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

21:02:30 executing program 4:

21:02:30 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

[  644.912647][ T7291] Bluetooth: hci6: command 0xfc11 tx timeout
[  644.912667][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  644.992844][ T7291] Bluetooth: hci7: command 0xfc11 tx timeout
[  644.994198][ T1546] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:02:32 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:32 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

21:02:32 executing program 4:

21:02:32 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:32 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:32 executing program 3:

21:02:32 executing program 4:

21:02:32 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

21:02:32 executing program 3:

[  645.624138][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
21:02:32 executing program 4:

[  645.687288][   T58] Bluetooth: hci7: Frame reassembly failed (-84)
[  645.709591][   T27] audit: type=1804 audit(1597266152.705:380): pid=17280 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/332/bus" dev="sda1" ino=15942 res=1 errno=0
21:02:32 executing program 3:

21:02:32 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)

[  647.632410][   T12] Bluetooth: hci6: command 0xfc11 tx timeout
[  647.632450][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  647.712622][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:02:35 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:35 executing program 4:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000000140)={{0x7fff}, {}, 0x0, 0x0, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)

21:02:35 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)

21:02:35 executing program 3:
syz_usb_connect(0x0, 0x34, &(0x7f0000000180)=ANY=[@ANYBLOB="120100001c00f540c0070115146503000001090222000100000000090487000103011200090500000000000000070581bb6e86a9"], 0x0)

21:02:35 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:35 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:35 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)

21:02:35 executing program 4:
syz_usb_connect(0x0, 0x3b3, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x6c, 0x3, 0xe0, 0x8, 0x24c6, 0xd183, 0x4f36, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xff, 0x5d, 0x81, 0x0, [], [{{0x9, 0x5, 0x85, 0xb, 0x8}}, {{0x9, 0x5, 0x1, 0x3, 0x8}}]}}]}}]}}, 0x0)

[  648.405251][   T27] audit: type=1804 audit(1597266155.405:381): pid=17317 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/333/bus" dev="sda1" ino=15964 res=1 errno=0
21:02:35 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x9, r0, 0x0, 0x7)

[  648.542461][   T12] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  648.792314][ T8130] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  648.932516][   T12] usb 4-1: config 0 has an invalid interface number: 135 but max is 0
[  648.940811][   T12] usb 4-1: config 0 has no interface number 0
[  648.948754][   T12] usb 4-1: config 0 interface 135 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  648.960482][   T12] usb 4-1: config 0 interface 135 altsetting 0 endpoint 0x81 has an invalid bInterval 169, changing to 11
[  648.977918][   T12] usb 4-1: config 0 interface 135 altsetting 0 endpoint 0x81 has invalid maxpacket 1646, setting to 1024
[  648.990312][   T12] usb 4-1: config 0 interface 135 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  649.063254][ T8130] usb 5-1: Using ep0 maxpacket: 8
21:02:36 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(0x0, 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  649.092662][   T12] usb 4-1: New USB device found, idVendor=07c0, idProduct=1501, bcdDevice=65.14
[  649.101846][   T12] usb 4-1: New USB device strings: Mfr=3, Product=0, SerialNumber=0
[  649.111259][   T12] usb 4-1: Manufacturer: syz
[  649.122451][   T12] usb 4-1: config 0 descriptor??
[  649.142766][T17299] raw-gadget gadget: fail, usb_ep_enable returned -22
[  649.232820][ T8130] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  649.244341][ T8130] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  649.259122][ T8130] usb 5-1: New USB device found, idVendor=24c6, idProduct=d183, bcdDevice=4f.36
21:02:36 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(0x0, 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  649.273728][   T27] audit: type=1804 audit(1597266156.275:382): pid=17335 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/334/bus" dev="sda1" ino=15964 res=1 errno=0
[  649.278749][ T8130] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.321444][ T8130] usb 5-1: config 0 descriptor??
[  649.371791][   T23] usb 4-1: USB disconnect, device number 12
21:02:36 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(0x0, 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  649.434887][   T27] audit: type=1804 audit(1597266156.435:383): pid=17339 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/335/bus" dev="sda1" ino=15964 res=1 errno=0
[  649.501808][   T27] audit: type=1804 audit(1597266156.495:384): pid=17351 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/336/bus" dev="sda1" ino=15964 res=1 errno=0
[  649.581319][ T7291] usb 5-1: USB disconnect, device number 49
[  649.592377][    C1] xpad 5-1:0.0: xpad_irq_out - usb_submit_urb failed with result -19
[  650.182240][   T23] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  650.352176][ T7291] Bluetooth: hci7: command 0xfc11 tx timeout
[  650.358842][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  650.362190][ T1546] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[  650.376486][ T8237] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  650.582243][   T23] usb 4-1: config 0 has an invalid interface number: 135 but max is 0
[  650.590629][   T23] usb 4-1: config 0 has no interface number 0
[  650.598278][   T23] usb 4-1: config 0 interface 135 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  650.609787][   T23] usb 4-1: config 0 interface 135 altsetting 0 endpoint 0x81 has an invalid bInterval 169, changing to 11
[  650.621826][   T23] usb 4-1: config 0 interface 135 altsetting 0 endpoint 0x81 has invalid maxpacket 1646, setting to 1024
[  650.633795][ T8237] usb 5-1: Using ep0 maxpacket: 8
[  650.638900][   T23] usb 4-1: config 0 interface 135 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  650.752551][   T23] usb 4-1: New USB device found, idVendor=07c0, idProduct=1501, bcdDevice=65.14
[  650.761596][   T23] usb 4-1: New USB device strings: Mfr=3, Product=0, SerialNumber=0
[  650.770945][   T23] usb 4-1: Manufacturer: syz
[  650.776961][ T8237] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  650.789051][   T23] usb 4-1: config 0 descriptor??
[  650.800182][ T8237] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  650.812945][ T8237] usb 5-1: New USB device found, idVendor=24c6, idProduct=d183, bcdDevice=4f.36
[  650.821989][ T8237] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  650.832798][T17299] raw-gadget gadget: fail, usb_ep_enable returned -22
[  650.840588][ T8237] usb 5-1: config 0 descriptor??
21:02:37 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:37 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:37 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  650.980676][   T27] audit: type=1804 audit(1597266157.976:385): pid=17384 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/337/bus" dev="sda1" ino=15906 res=1 errno=0
[  651.009547][T15657] Bluetooth: hci7: sending frame failed (-49)
[  651.063769][   T23] usb 4-1: USB disconnect, device number 13
21:02:38 executing program 3:
fsopen(&(0x7f00000000c0)='bdev\x00', 0x0)

21:02:38 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:38 executing program 4:
syz_usb_connect(0x0, 0x3b3, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x6c, 0x3, 0xe0, 0x8, 0x24c6, 0xd183, 0x4f36, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xff, 0x5d, 0x81, 0x0, [], [{{0x9, 0x5, 0x85, 0xb, 0x8}}, {{0x9, 0x5, 0x1, 0x3, 0x8}}]}}]}}]}}, 0x0)

[  651.100234][   T27] audit: type=1804 audit(1597266158.006:386): pid=17384 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/337/bus" dev="sda1" ino=15906 res=1 errno=0
[  651.102917][ T8237] usb 5-1: USB disconnect, device number 50
[  651.132133][    C1] xpad 5-1:0.0: xpad_irq_in - usb_submit_urb failed with result -19
[  651.140546][    C1] xpad 5-1:0.0: xpad_irq_out - usb_submit_urb failed with result -19
21:02:38 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:38 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000200)=0x2000000000000074, 0x4)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x0, @local}}, 0x0, 0x0, 0x41, 0x0, "fca3f6821acb7db2e131496c5e360349c697ea51a6436a153fb556da8f4542a35b5641c48168be2df943f8af472e0d3bf2aa4cb5de0b6bf4376e18fe20816a9d8295a02497c524bc851a8a66bd422c24"}, 0xd8)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f00000012c0)="11268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9281a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27)

[  651.268341][   T27] audit: type=1804 audit(1597266158.266:387): pid=17407 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/338/bus" dev="sda1" ino=15947 res=1 errno=0
[  651.325278][   T27] audit: type=1804 audit(1597266158.276:388): pid=17407 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/338/bus" dev="sda1" ino=15947 res=1 errno=0
[  651.385589][   T27] audit: type=1804 audit(1597266158.356:389): pid=17411 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/339/bus" dev="sda1" ino=15934 res=1 errno=0
[  651.421723][   T27] audit: type=1804 audit(1597266158.366:390): pid=17411 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/339/bus" dev="sda1" ino=15934 res=1 errno=0
21:02:38 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000001c0)={{r1}})

21:02:38 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:02:38 executing program 3:
r0 = syz_open_dev$loop(&(0x7f0000000880)='/dev/loop#\x00', 0x7f, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, 0x0)

21:02:38 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

[  651.612232][   T27] audit: type=1804 audit(1597266158.606:391): pid=17416 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/340/bus" dev="sda1" ino=15913 res=1 errno=0
[  651.707412][   T27] audit: type=1804 audit(1597266158.706:392): pid=17422 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/341/bus" dev="sda1" ino=15906 res=1 errno=0
[  651.732394][ T8237] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  652.002097][ T8237] usb 5-1: Using ep0 maxpacket: 8
[  652.152241][ T8237] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  652.163302][ T8237] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  652.175452][ T8237] usb 5-1: New USB device found, idVendor=24c6, idProduct=d183, bcdDevice=4f.36
[  652.185205][ T8237] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.197515][ T8237] usb 5-1: config 0 descriptor??
[  652.469391][   T12] usb 5-1: USB disconnect, device number 51
[  652.482003][    C1] xpad 5-1:0.0: xpad_irq_out - usb_submit_urb failed with result -19
[  652.992153][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  652.992550][   T12] Bluetooth: hci6: command 0xfc11 tx timeout
[  653.072016][   T23] Bluetooth: hci7: command 0xfc11 tx timeout
[  653.072056][ T6858] Bluetooth: hci7: Entering manufacturer mode failed (-110)
21:02:40 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:40 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff000d000000020000000b000000ec0079c9130001", 0xfed3}], 0x1}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff080d0000000200001f01000000190102", 0x1b}], 0x1}, 0x4000000)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x200003f8, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

21:02:40 executing program 1:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:40 executing program 5:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_mr_vif\x00')
sendfile(r0, r1, 0x0, 0x800000080004103)

21:02:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(0xffffffffffffffff, 0x2007fff)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

21:02:40 executing program 4:
syz_usb_connect(0x0, 0x3b3, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x6c, 0x3, 0xe0, 0x8, 0x24c6, 0xd183, 0x4f36, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xff, 0x5d, 0x81, 0x0, [], [{{0x9, 0x5, 0x85, 0xb, 0x8}}, {{0x9, 0x5, 0x1, 0x3, 0x8}}]}}]}}]}}, 0x0)

21:02:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x0)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  653.694008][   T27] audit: type=1804 audit(1597266160.696:393): pid=17453 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/342/bus" dev="sda1" ino=15974 res=1 errno=0
21:02:40 executing program 5:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100000000008, 0x926, 0x3333, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x22}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000080)={0x18, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0xea, 0x0)
ioctl$EVIOCSKEYCODE_V2(r1, 0x80284504, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x0, "fd3092cfa6ec31675171da9cb78d3e18b5ae8b5ad5cdeda062206da6c0c826ff"})

21:02:40 executing program 3:
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000100)={0x84, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000090000082505a8a40700000000010902240001010000000904000012070103000905010200ffe00000090582021a"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_genetlink_get_family_id$fou(&(0x7f00000001c0)='fou\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000940)=ANY=[], 0x0)

[  653.784512][   T58] Bluetooth: hci7: Frame reassembly failed (-84)
21:02:40 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x0)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  653.886603][   T27] audit: type=1804 audit(1597266160.886:394): pid=17469 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/343/bus" dev="sda1" ino=15893 res=1 errno=0
21:02:41 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x0)
sendfile(r0, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  653.955659][ T7291] usb 5-1: new high-speed USB device number 52 using dummy_hcd
21:02:41 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  654.112342][ T8237] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  654.161886][   T12] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  654.202387][ T7291] usb 5-1: Using ep0 maxpacket: 8
[  654.322079][ T7291] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  654.343872][ T7291] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  654.362222][ T8237] usb 6-1: Using ep0 maxpacket: 8
[  654.372715][ T7291] usb 5-1: New USB device found, idVendor=24c6, idProduct=d183, bcdDevice=4f.36
[  654.391945][ T7291] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.405825][   T12] usb 4-1: Using ep0 maxpacket: 8
[  654.425432][ T7291] usb 5-1: config 0 descriptor??
[  654.503079][ T8237] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  654.517482][ T8237] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  654.523923][   T12] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 1792, setting to 1024
[  654.528103][ T8237] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  654.552090][ T8237] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00
[  654.562249][ T8237] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.568507][   T12] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  654.572602][ T8237] usb 6-1: config 0 descriptor??
[  654.605874][   T12] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 26
[  654.645339][   T12] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  654.690967][   T12] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.07
[  654.707998][   T12] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.719637][ T7291] usb 5-1: USB disconnect, device number 52
[  654.725718][    C0] xpad 5-1:0.0: xpad_irq_in - usb_submit_urb failed with result -19
[  654.725778][    C0] xpad 5-1:0.0: xpad_irq_out - usb_submit_urb failed with result -19
[  654.772230][T17471] raw-gadget gadget: fail, usb_ep_enable returned -22
[  654.779214][T17471] raw-gadget gadget: fail, usb_ep_enable returned -22
[  654.814682][   T12] hub 4-1:1.0: bad descriptor, ignoring hub
[  654.820698][   T12] hub: probe of 4-1:1.0 failed with error -5
[  655.015340][T17471] raw-gadget gadget: fail, usb_ep_enable returned -22
[  655.023016][T17471] raw-gadget gadget: fail, usb_ep_enable returned -22
[  655.121866][ T8237] usbhid 6-1:0.0: can't add hid device: -71
[  655.127896][ T8237] usbhid: probe of 6-1:0.0 failed with error -71
[  655.143057][ T8237] usb 6-1: USB disconnect, device number 14
[  655.266822][   T12] usblp 4-1:1.0: usblp0: USB Bidirectional printer dev 14 if 0 alt 0 proto 3 vid 0x0525 pid 0xA4A8
[  655.631978][ T6858] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  655.633293][   T23] Bluetooth: hci6: command 0xfc11 tx timeout
[  655.791776][ T1546] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[  655.791783][   T23] Bluetooth: hci7: command 0xfc11 tx timeout
[  655.802798][   T17] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  655.901813][T17471] usb 4-1: reset high-speed USB device number 14 using dummy_hcd
[  656.051778][   T17] usb 6-1: Using ep0 maxpacket: 8
21:02:43 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653078001003c27bc327600363940a9f3ffff2f0000006edc00278dcff47d01000080ca99f847605e03127172c61d79cffec86745a4298063acf2678cef33800700000000000000064d8a3aae14e7b2738e4907dc4e4c672d0f00c2f009b6cb8f0e625b59d04000891646a035e4a69a1f41d1d0a0de80b9aa2ff4e6896c89ed0a4a09946d00c2b7a78ac8362201002157b64827a09ba4a1bc7a7d48cf20bb21b14a19eb1bc6ece7e6cb04074616bc8d71ddad5017dfa81b1c451d010e47cc63c5f8a0f7a9e6abd7610fe805bcd758b4fe6245ea87a6d3f5751b2c667f0690a6da4876632e8107bd8f20de251ad0b5a7481e90658000000000080000000000000000ebfe2179f50e23", 0x109}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="28020400", @ANYRES16, @ANYBLOB="010028"], 0x28}}, 0x0)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

21:02:43 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  656.171787][T17471] usb 4-1: Using ep0 maxpacket: 8
[  656.175715][   T17] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  656.200760][   T17] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  656.219357][   T17] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  656.235124][T17529] ptrace attach of "/root/syz-executor.4"[17528] was attempted by "/root/syz-executor.4"[17529]
[  656.256130][   T17] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00
21:02:43 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r2 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
fallocate(r2, 0x100000001, 0x0, 0x9)

21:02:43 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={0x0, 0xf000000, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

21:02:43 executing program 1:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  656.266978][   T27] kauditd_printk_skb: 3 callbacks suppressed
[  656.266991][   T27] audit: type=1804 audit(1597266163.266:398): pid=17527 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/347/bus" dev="sda1" ino=15978 res=1 errno=0
[  656.296999][   T17] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.302407][T17512] raw-gadget gadget: fail, usb_ep_enable returned -22
[  656.327364][T17512] raw-gadget gadget: fail, usb_ep_enable returned -22
[  656.335536][   T17] usb 6-1: config 0 descriptor??
21:02:43 executing program 4:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000540)={{0x12, 0x1, 0x0, 0x15, 0x5f, 0x84, 0x10, 0x547, 0x6801, 0x8b45, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2f, 0x35, 0x65}}]}}]}}, 0x0)

[  656.411712][    C0] usblp0: nonzero read bulk status received: -71
[  656.469414][  T354] Bluetooth: hci6: Frame reassembly failed (-84)
[  656.581031][ T7291] usb 4-1: USB disconnect, device number 14
21:02:43 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r2 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
fallocate(r2, 0x100000001, 0x0, 0x9)

[  656.621127][ T7291] usblp0: removed
21:02:43 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0xa9885700, 0x0, 0x0, 0x0, 0x0)

[  656.691810][   T17] usbhid 6-1:0.0: can't add hid device: -71
[  656.697987][   T17] usbhid: probe of 6-1:0.0 failed with error -71
[  656.742771][   T17] usb 6-1: USB disconnect, device number 15
[  656.833294][ T8237] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  657.081674][ T8237] usb 5-1: Using ep0 maxpacket: 16
21:02:44 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="0c01000024000b0f00fa00"/20, @ANYRES32, @ANYBLOB="00000000ffffffff000000000a0001006e6574656d000000dc0002000000000000000000000000000000000000000000000000000c0008000000000000000000140006"], 0x10c}}, 0x0)

21:02:44 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0xa9885700, 0x0, 0x0, 0x0, 0x0)

21:02:44 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:44 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r2 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
fallocate(r2, 0x100000001, 0x0, 0x9)

[  657.107995][T17582] udc-core: couldn't find an available UDC or it's busy
[  657.140307][T17582] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  657.202487][ T8237] usb 5-1: New USB device found, idVendor=0547, idProduct=6801, bcdDevice=8b.45
[  657.227542][ T8237] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  657.269473][ T8237] usb 5-1: config 0 descriptor??
21:02:44 executing program 5:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0x3, [@enum={0x0, 0x3, 0x0, 0x6, 0x4, [{}, {}, {}]}, @union={0x0, 0x6, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}, {}, {}]}]}, {0x0, [0x0]}}, 0x0, 0x93}, 0x20)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  657.300712][   T27] audit: type=1804 audit(1597266164.296:399): pid=17590 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/348/bus" dev="sda1" ino=15977 res=1 errno=0
21:02:44 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

21:02:44 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r2 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
fallocate(r2, 0x100000001, 0x0, 0x9)

21:02:44 executing program 5:
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x0, 0x300)
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, 0x0, 0x20008011)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
socket(0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x204)
r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/65, 0x7ffff000}], 0x1)
r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
fdatasync(r2)

[  657.502798][T17603] ptrace attach of "/root/syz-executor.5"[17602] was attempted by "/root/syz-executor.5"[17603]
[  657.532662][   T12] usb 5-1: USB disconnect, device number 53
[  658.511613][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  658.511764][ T8237] Bluetooth: hci6: command 0xfc11 tx timeout
21:02:46 executing program 1:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:46 executing program 2:
r0 = socket(0x200000000000011, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000240)={0x11, 0x0, r2}, 0x14)
getsockname$packet(r0, &(0x7f0000000500)={0x11, 0x0, <r3=>0x0}, &(0x7f0000000000)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000005e000700000000000069aa0000000000", @ANYRES32=r3, @ANYBLOB="10"], 0x24}}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = dup(r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r6, &(0x7f0000000180)=[{0x2, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

21:02:46 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653078001003c27bc327600363940a9f3ffff2f0000006edc00278dcff47d01000080ca99f847605e03127172c61d79cffec86745a4298063acf2678cef33800700000000000000064d8a3aae14e7b2738e4907dc4e4c672d0f00c2f009b6cb8f0e625b59d04000891646a035e4a69a1f41d1d0a0de80b9aa2ff4e6896c89ed0a4a09946d00c2b7a78ac8362201002157b64827a09ba4a1bc7a7d48cf20bb21b14a19eb1bc6ece7e6cb04074616bc8d71ddad5017dfa81b1c451d010e47cc63c5f8a0f7a9e6abd7610fe805bcd758b4fe6245ea87a6d3f5751b2c667f0690a6da4876632e8107bd8f20de251ad0b5a7481e90658000000000080000000000000000ebfe2179f50e23ba18d926a1c778858870b46cd4758f743fdbd5af8d95e130194d56dd6ea919660b6cc8c2", 0x12d}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, <r2=>0x0}, &(0x7f0000000040)=0xfd27)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2}}}, 0x78)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

21:02:46 executing program 5:
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x0, 0x300)
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, 0x0, 0x20008011)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
socket(0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x204)
r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/65, 0x7ffff000}], 0x1)
r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
fdatasync(r2)

21:02:46 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r2 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
fallocate(r2, 0x100000001, 0xf60f, 0x9)

21:02:46 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:46 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x40000008, 0x4)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, 0x0, 0x0)
sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, 0x0, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'bond0\x00', <r3=>0x0})
bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendto$inet6(r0, &(0x7f0000000300)="0503d03206023e0400a00000c513f7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0x0)

21:02:46 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xa7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
arch_prctl$ARCH_SET_GS(0x1001, 0x0)

[  659.084042][   T27] audit: type=1804 audit(1597266166.076:400): pid=17625 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/349/bus" dev="sda1" ino=15983 res=1 errno=0
[  659.113024][T17631] ptrace attach of "/root/syz-executor.3"[17630] was attempted by "/root/syz-executor.3"[17631]
21:02:46 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r2 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
fallocate(r2, 0x100000001, 0xf60f, 0x9)

[  659.295415][  T354] Bluetooth: hci6: Frame reassembly failed (-84)
21:02:46 executing program 3:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sync()
tkill(0x0, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0)

21:02:46 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = msgget$private(0x0, 0x0)
msgsnd(r0, &(0x7f0000000000)={0x2}, 0x2000, 0x0)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000000100)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000})

21:02:46 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r2 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
fallocate(r2, 0x100000001, 0xf60f, 0x9)

[  661.321466][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:02:48 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:48 executing program 3:
perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0)
fallocate(r0, 0x8, 0x0, 0xfffffeff000)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000000))

21:02:48 executing program 2:
socket(0x0, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000001200)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf200000000000001500000063a700002d0301000000000095000000000000006916000000000000bf670000000000004506000023ff07002706000020000000070300000fe60060bf050000000000000f650000000000006507f9ff01000000070700004c0000001f75000000000000bf540000000000000704000004000b607e3601000000000095000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c7bdd2d17f2f1754558f2278af0100008000000000b1d8a5d4601d2969571e98c5f6b8d8c31bc51429b05c45a6a0b9bdb7dd399703d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a05000000c6c60bf70d742a8100000000000000810b5b40d893d98fe0185473d51b546cad3f1d5af65727546e7c955ccefa1f6ab689fde4de4e63ede20271a51445dc8da39e5b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb735fd552bdc206004aeb0743eb2dc819b6cf5c8ac86d8a297dff0445a13d0045fb3cda32a673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbbea2040b401e3738270b315d362ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a711c8829a6c0a7b72118d46d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7eab04871bc47287cd31cc43ea0ffa567b40407d00000000000000e98a523d80bd0d0d703f37ca363f601ae899a53f6715a0a62a34b0c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe394ac000000000000000000000000000000437d57deeb70b0b27df3ad08e95062aaf10be740626609a756673ade6d4b25a8464acc46db5b40a48bf045e487efaa5aa84a6ac79b994138a60d3238ac21245b6c788a0691fa8a851d112039e0d976db881324273f74eafbc57e92774c8b7cd776874a20ecccf094f7bfa2fe57d65750078e4d184f72775c6832301fdde30d8bf2d0a3a0ce840b62fe1a5b00"/916], &(0x7f0000000100)='GPL\x00'}, 0x48)

21:02:48 executing program 4:

21:02:48 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:48 executing program 5:

21:02:49 executing program 5:

[  661.904481][   T27] audit: type=1804 audit(1597266168.896:401): pid=17683 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/350/bus" dev="sda1" ino=16015 res=1 errno=0
21:02:49 executing program 4:

21:02:49 executing program 3:

21:02:49 executing program 5:

[  662.084261][  T354] Bluetooth: hci6: Frame reassembly failed (-84)
21:02:49 executing program 4:

21:02:49 executing program 3:

[  664.111123][T10323] Bluetooth: hci6: command 0xfc11 tx timeout
[  664.111157][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:02:51 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:51 executing program 5:

21:02:51 executing program 4:

21:02:51 executing program 3:

21:02:51 executing program 2:

21:02:51 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:51 executing program 5:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:51 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

21:02:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000080))
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_SET_PIT2(r4, 0x4070aea0, &(0x7f0000000000)={[{0x1}]})

21:02:51 executing program 4:
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0'])
chdir(&(0x7f00000002c0)='./bus\x00')
open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
read$rfkill(r0, 0x0, 0x0)

[  664.704555][   T27] audit: type=1804 audit(1597266171.697:402): pid=17713 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/351/bus" dev="sda1" ino=16042 res=1 errno=0
[  664.814147][  T354] Bluetooth: hci6: Frame reassembly failed (-84)
21:02:51 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

21:02:52 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1df}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x44, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
ioctl$TIOCEXCL(0xffffffffffffffff, 0x540c)

[  665.024899][   T27] audit: type=1804 audit(1597266172.017:403): pid=17739 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir524528604/syzkaller.wgtRSl/288/bus/file0" dev="sda1" ino=16043 res=1 errno=0
[  665.063921][T17726] overlayfs: failed to resolve './bus': -2
[  666.831127][   T17] Bluetooth: hci6: command 0xfc11 tx timeout
[  666.836610][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
21:02:54 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
dup2(0xffffffffffffffff, r0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:54 executing program 4:
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201fe0009003c2000240042ef420000000109021b00017600200009040000010209bd00070581070001"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)

21:02:54 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

21:02:54 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1df}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x44, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
ioctl$TIOCEXCL(0xffffffffffffffff, 0x540c)

21:02:54 executing program 5:

21:02:54 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x0)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:54 executing program 5:

21:02:54 executing program 3:

[  667.453189][   T27] audit: type=1804 audit(1597266174.447:404): pid=17771 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/352/bus" dev="sda1" ino=16074 res=1 errno=0
21:02:54 executing program 5:

21:02:54 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

21:02:54 executing program 3:

[  667.661070][   T17] usb 5-1: new high-speed USB device number 54 using dummy_hcd
21:02:54 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

[  667.910969][   T17] usb 5-1: Using ep0 maxpacket: 32
[  668.031008][   T17] usb 5-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[  668.047584][   T17] usb 5-1: config 118 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  668.074308][   T17] usb 5-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  668.097790][   T17] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.152094][   T17] hub 5-1:118.0: bad descriptor, ignoring hub
[  668.163665][   T17] hub: probe of 5-1:118.0 failed with error -5
[  668.188034][   T17] cdc_wdm 5-1:118.0: cdc-wdm0: USB WDM device
[  668.473090][   T23] usb 5-1: USB disconnect, device number 54
[  669.330703][T10323] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  669.550741][   T23] Bluetooth: hci6: command 0xfc11 tx timeout
[  669.550835][ T1546] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  669.572794][T10323] usb 5-1: Using ep0 maxpacket: 32
[  669.691011][T10323] usb 5-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[  669.701452][T10323] usb 5-1: config 118 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  669.713221][T10323] usb 5-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  669.722407][T10323] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  669.771872][T10323] hub 5-1:118.0: bad descriptor, ignoring hub
[  669.778050][T10323] hub: probe of 5-1:118.0 failed with error -5
[  669.785842][T10323] cdc_wdm 5-1:118.0: cdc-wdm0: USB WDM device
21:02:57 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  670.090916][   T23] usb 5-1: USB disconnect, device number 55
21:02:57 executing program 4:
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201fe0009003c2000240042ef420000000109021b00017600200009040000010209bd00070581070001"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)

21:02:57 executing program 5:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000540)="99d7a5d577d18b5a9a03c091cc2a33fb5fc4b2f5974f7a71f0654d3b7515d20c9467c70aa01c2558e3f9ba224a49e19279532e04e2d30f26e64439116ee9a1faf8f41018ec13365b5f22643441", 0x4d}], 0x1)

21:02:57 executing program 3:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
io_setup(0x21, &(0x7f00000004c0)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000e00)=[&(0x7f0000000800)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

21:02:57 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

21:02:57 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x0)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

21:02:57 executing program 5:
perf_event_open(&(0x7f0000000380)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x3c}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)

21:02:57 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0x8020001)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r3 = open(&(0x7f0000000180)='./file0\x00', 0x141042, 0x0)
write$binfmt_misc(r3, &(0x7f0000000240)=ANY=[], 0x4)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000200)={0x0, r2})
ioctl$FIBMAP(r1, 0x1, &(0x7f0000000080))

[  670.290817][   T27] audit: type=1804 audit(1597266177.277:405): pid=17844 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/353/bus" dev="sda1" ino=16059 res=1 errno=0
21:02:57 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

21:02:57 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0x11}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

21:02:57 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

[  670.569761][T17860] netlink: 'syz-executor.5': attribute type 17 has an invalid length.
[  670.590811][ T8236] usb 5-1: new high-speed USB device number 56 using dummy_hcd
21:02:57 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  670.657777][T17860] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
21:02:57 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

[  670.707122][T17860] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  670.743441][T17860] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  670.853654][ T8236] usb 5-1: Using ep0 maxpacket: 32
[  670.878595][T17868] netlink: 'syz-executor.5': attribute type 17 has an invalid length.
[  670.929987][T17868] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  670.971317][ T8236] usb 5-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[  670.988920][T17868] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  671.003752][ T8236] usb 5-1: config 118 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  671.033602][T17868] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  671.053945][ T8236] usb 5-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef
[  671.074729][ T8236] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  671.132003][ T8236] hub 5-1:118.0: bad descriptor, ignoring hub
[  671.138182][ T8236] hub: probe of 5-1:118.0 failed with error -5
[  671.186869][ T8236] cdc_wdm 5-1:118.0: cdc-wdm0: USB WDM device
[  671.491760][ T8236] usb 5-1: USB disconnect, device number 56
21:02:59 executing program 4:
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
socket$packet(0x11, 0xa, 0x300)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0x4240a2a0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x34}}, 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x30005, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
fstat(0xffffffffffffffff, 0x0)

21:02:59 executing program 2:
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0)
ftruncate(r0, 0xcf01)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, &(0x7f0000000080)=""/164)

21:02:59 executing program 5:
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000140)='./file1/file0\x00', 0x0)
mount$overlay(0x400002, &(0x7f0000000200)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,nfs_export=on'])
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180), 0x0)
setuid(0x0)
mount$fuse(0x0, &(0x7f0000000180)='./bus/file0\x00', 0x0, 0x0, 0x0)
rmdir(&(0x7f00000001c0)='./file1/file0\x00')
rmdir(&(0x7f0000000080)='./bus/file0\x00')

21:02:59 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

21:02:59 executing program 0:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
r1 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r0, 0x0, 0x0)
r3 = socket(0x2, 0x803, 0xff)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
r4 = dup(r3)
r5 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

[  672.225282][   T27] audit: type=1804 audit(1597266179.217:406): pid=17894 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir565566080/syzkaller.lxNKJz/354/bus" dev="sda1" ino=16119 res=1 errno=0
[  672.321380][T17891] ==================================================================
[  672.329741][T17891] BUG: KASAN: use-after-free in path_init+0x116b/0x13c0
[  672.336681][T17891] Read of size 8 at addr ffff888091d9ea40 by task syz-executor.5/17891
[  672.344909][T17891] 
[  672.347254][T17891] CPU: 0 PID: 17891 Comm: syz-executor.5 Not tainted 5.8.0-syzkaller #0
[  672.355577][T17891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  672.365631][T17891] Call Trace:
[  672.369056][T17891]  dump_stack+0x18f/0x20d
[  672.373398][T17891]  ? path_init+0x116b/0x13c0
[  672.377997][T17891]  ? path_init+0x116b/0x13c0
[  672.382601][T17891]  print_address_description.constprop.0.cold+0xae/0x497
[  672.389641][T17891]  ? vprintk_func+0x97/0x1a6
[  672.394243][T17891]  ? path_init+0x116b/0x13c0
[  672.398837][T17891]  ? path_init+0x116b/0x13c0
[  672.403438][T17891]  kasan_report.cold+0x1f/0x37
[  672.408216][T17891]  ? path_init+0x116b/0x13c0
[  672.412817][T17891]  path_init+0x116b/0x13c0
[  672.417242][T17891]  ? __kasan_slab_free+0xd8/0x120
[  672.422275][T17891]  ? kmem_cache_free.part.0+0x67/0x1f0
[  672.427741][T17891]  ? putname+0xe1/0x120
[  672.431905][T17891]  ? do_rmdir+0x145/0x440
[  672.436270][T17891]  ? do_syscall_64+0x2d/0x70
[  672.440917][T17891]  ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  672.447007][T17891]  path_parentat+0x22/0x1b0
[  672.451518][T17891]  filename_parentat+0x188/0x560
[  672.456467][T17891]  ? getname+0xd0/0xd0
[  672.460551][T17891]  ? lockdep_hardirqs_off+0x89/0xc0
[  672.465759][T17891]  ? _raw_spin_unlock_irqrestore+0x9b/0xe0
[  672.471571][T17891]  ? lockdep_hardirqs_off+0x89/0xc0
[  672.476794][T17891]  ? check_preemption_disabled+0x50/0x130
[  672.482524][T17891]  ? putname+0xe1/0x120
[  672.486686][T17891]  ? rcu_read_lock_sched_held+0x3a/0xb0
[  672.492231][T17891]  ? putname+0xe1/0x120
[  672.496392][T17891]  ? kmem_cache_free.part.0+0x1c4/0x1f0
[  672.501942][T17891]  do_rmdir+0xa8/0x440
[  672.506015][T17891]  ? __ia32_sys_mkdir+0x80/0x80
[  672.510877][T17891]  ? strncpy_from_user+0x2bf/0x3e0
[  672.515998][T17891]  ? trace_hardirqs_on+0x5f/0x220
[  672.521031][T17891]  do_syscall_64+0x2d/0x70
[  672.525459][T17891]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  672.531352][T17891] RIP: 0033:0x45d189
[  672.535251][T17891] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  672.554856][T17891] RSP: 002b:00007fe95aa54c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  672.563271][T17891] RAX: ffffffffffffffda RBX: 00000000000260c0 RCX: 000000000045d189
[  672.571246][T17891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080
[  672.579223][T17891] RBP: 000000000118cf70 R08: 0000000000000000 R09: 0000000000000000
[  672.587211][T17891] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c
[  672.595187][T17891] R13: 00007ffef0c8a4cf R14: 00007fe95aa559c0 R15: 000000000118cf4c
[  672.603167][T17891] 
[  672.605491][T17891] Allocated by task 17891:
[  672.609915][T17891]  kasan_save_stack+0x1b/0x40
[  672.614598][T17891]  __kasan_kmalloc.constprop.0+0xbf/0xd0
[  672.620234][T17891]  kmem_cache_alloc+0x138/0x3a0
[  672.625089][T17891]  getname_flags.part.0+0x50/0x4f0
[  672.630200][T17891]  __x64_sys_rmdir+0xb1/0x100
[  672.634879][T17891]  do_syscall_64+0x2d/0x70
[  672.639300][T17891]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  672.645177][T17891] 
[  672.647501][T17891] Freed by task 17891:
[  672.651571][T17891]  kasan_save_stack+0x1b/0x40
[  672.656246][T17891]  kasan_set_track+0x1c/0x30
[  672.660837][T17891]  kasan_set_free_info+0x1b/0x30
[  672.665774][T17891]  __kasan_slab_free+0xd8/0x120
[  672.670623][T17891]  kmem_cache_free.part.0+0x67/0x1f0
[  672.675909][T17891]  putname+0xe1/0x120
[  672.679887][T17891]  do_rmdir+0x145/0x440
[  672.684046][T17891]  do_syscall_64+0x2d/0x70
[  672.688463][T17891]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  672.694345][T17891] 
[  672.696677][T17891] The buggy address belongs to the object at ffff888091d9ea40
[  672.696677][T17891]  which belongs to the cache names_cache of size 4096
[  672.710815][T17891] The buggy address is located 0 bytes inside of
[  672.710815][T17891]  4096-byte region [ffff888091d9ea40, ffff888091d9fa40)
[  672.723991][T17891] The buggy address belongs to the page:
[  672.729632][T17891] page:000000003e652ae7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x91d9e
[  672.739775][T17891] head:000000003e652ae7 order:1 compound_mapcount:0
[  672.746359][T17891] flags: 0xfffe0000010200(slab|head)
[  672.751648][T17891] raw: 00fffe0000010200 ffffea000243c108 ffffea00024a2f88 ffff88821bc47a00
[  672.760233][T17891] raw: 0000000000000000 ffff888091d9ea40 0000000100000001 0000000000000000
21:02:59 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x9)
dup2(r0, r1)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

[  672.768839][T17891] page dumped because: kasan: bad access detected
[  672.775242][T17891] 
[  672.777563][T17891] Memory state around the buggy address:
[  672.783192][T17891]  ffff888091d9e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  672.791254][T17891]  ffff888091d9e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  672.799413][T17891] >ffff888091d9ea00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  672.807467][T17891]                                            ^
[  672.813619][T17891]  ffff888091d9ea80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  672.821678][T17891]  ffff888091d9eb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  672.829730][T17891] ==================================================================
[  672.837785][T17891] Disabling lock debugging due to kernel taint
[  672.911681][T17891] Kernel panic - not syncing: panic_on_warn set ...
[  672.918299][T17891] CPU: 0 PID: 17891 Comm: syz-executor.5 Tainted: G    B             5.8.0-syzkaller #0
[  672.928006][T17891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  672.938052][T17891] Call Trace:
[  672.941341][T17891]  dump_stack+0x18f/0x20d
[  672.945687][T17891]  ? path_init+0x1160/0x13c0
[  672.950274][T17891]  panic+0x2e3/0x75c
[  672.954168][T17891]  ? __warn_printk+0xf3/0xf3
[  672.958753][T17891]  ? preempt_schedule_common+0x59/0xc0
[  672.964206][T17891]  ? path_init+0x116b/0x13c0
[  672.968792][T17891]  ? preempt_schedule_thunk+0x16/0x18
[  672.974160][T17891]  ? trace_hardirqs_on+0x55/0x220
[  672.979181][T17891]  ? path_init+0x116b/0x13c0
[  672.983765][T17891]  ? path_init+0x116b/0x13c0
[  672.988345][T17891]  end_report+0x4d/0x53
[  672.992497][T17891]  kasan_report.cold+0xd/0x37
[  672.997168][T17891]  ? path_init+0x116b/0x13c0
[  673.001754][T17891]  path_init+0x116b/0x13c0
[  673.006177][T17891]  ? __kasan_slab_free+0xd8/0x120
[  673.011196][T17891]  ? kmem_cache_free.part.0+0x67/0x1f0
[  673.016648][T17891]  ? putname+0xe1/0x120
[  673.020799][T17891]  ? do_rmdir+0x145/0x440
[  673.025126][T17891]  ? do_syscall_64+0x2d/0x70
[  673.029714][T17891]  ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  673.035782][T17891]  path_parentat+0x22/0x1b0
[  673.040282][T17891]  filename_parentat+0x188/0x560
[  673.045216][T17891]  ? getname+0xd0/0xd0
[  673.049283][T17891]  ? lockdep_hardirqs_off+0x89/0xc0
[  673.054483][T17891]  ? _raw_spin_unlock_irqrestore+0x9b/0xe0
[  673.060287][T17891]  ? lockdep_hardirqs_off+0x89/0xc0
[  673.065479][T17891]  ? check_preemption_disabled+0x50/0x130
[  673.071197][T17891]  ? putname+0xe1/0x120
[  673.075355][T17891]  ? rcu_read_lock_sched_held+0x3a/0xb0
[  673.080899][T17891]  ? putname+0xe1/0x120
[  673.085048][T17891]  ? kmem_cache_free.part.0+0x1c4/0x1f0
[  673.090589][T17891]  do_rmdir+0xa8/0x440
[  673.094658][T17891]  ? __ia32_sys_mkdir+0x80/0x80
[  673.099510][T17891]  ? strncpy_from_user+0x2bf/0x3e0
[  673.104620][T17891]  ? trace_hardirqs_on+0x5f/0x220
[  673.109644][T17891]  do_syscall_64+0x2d/0x70
[  673.114062][T17891]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  673.119949][T17891] RIP: 0033:0x45d189
[  673.123841][T17891] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  673.143448][T17891] RSP: 002b:00007fe95aa54c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  673.151868][T17891] RAX: ffffffffffffffda RBX: 00000000000260c0 RCX: 000000000045d189
[  673.159837][T17891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080
[  673.167807][T17891] RBP: 000000000118cf70 R08: 0000000000000000 R09: 0000000000000000
[  673.175781][T17891] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c
[  673.183751][T17891] R13: 00007ffef0c8a4cf R14: 00007fe95aa559c0 R15: 000000000118cf4c
[  673.193057][T17891] Kernel Offset: disabled
[  673.197427][T17891] Rebooting in 86400 seconds..