6, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e61000006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:31:47 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

[ 2505.308999] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2505.318496] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2505.336867] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2505.358520] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:47 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xffffffffffffffff, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r1, 0x0, 0x0)

00:31:47 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:31:47 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000016000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="baa100b000eef36cba21000f20e06635000001000f22e066b9800000c00f326635001000000f30bad104ecc80080d267d9f866b9800000c00f326635000400000f300f20c06635200000000f22c067f3af", 0x51}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000540)={0x2, 0x0, [{0x1, 0x0, 0x0, 0x0, 0x0, 0x20}, {}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800], 0x0, 0x5211})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @ioapic={0xd000, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x9}]}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:31:47 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:31:47 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e61400006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:31:47 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, &(0x7f0000000000))
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

[ 2505.731020] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2505.740936] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2505.753423] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2505.776430] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:47 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e66400006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:31:47 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, &(0x7f0000000000))
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:31:47 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000016000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="baa100b000eef36cba21000f20e06635000001000f22e066b9800000c00f326635001000000f30bad104ecc80080d267d9f866b9800000c00f326635000400000f300f20c06635200000000f22c067f3af", 0x51}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000540)={0x2, 0x0, [{0x1, 0x0, 0x0, 0x0, 0x0, 0x20}, {}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800], 0x0, 0x5211})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @ioapic={0xd000, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x9}]}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 2505.968718] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2506.000211] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2506.028177] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2506.073400] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:50 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x30740000000000, 0x0)

00:31:50 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, &(0x7f0000000000))
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:31:50 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e66500006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2508.313846] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2508.334700] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2508.364892] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2508.390822] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:50 executing program 2:

00:31:50 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:31:50 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:31:50 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e68903006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:31:50 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r1, 0x0, 0x0)

00:31:50 executing program 2:

00:31:50 executing program 2:

[ 2508.762977] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2508.777975] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2508.792965] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:31:50 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

[ 2508.819966] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:50 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e68a03006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2509.016706] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2509.032235] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2509.042232] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2509.053593] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:53 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0xa0730000000000, 0x0)

00:31:53 executing program 2:

00:31:53 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:31:53 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6fd03006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2511.381285] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2511.390733] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2511.402313] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2511.434438] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:53 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:31:53 executing program 0:
socket(0x10, 0x3, 0x0)
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:31:53 executing program 2:

00:31:53 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e61a04006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:31:53 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r1, 0x0, 0x0)

00:31:53 executing program 2:

00:31:53 executing program 0:
socket(0x10, 0x3, 0x0)
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

[ 2511.864295] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2511.879573] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2511.893467] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2511.914497] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:53 executing program 2:

00:31:56 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0xb0530000000000, 0x0)

00:31:56 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e61b04006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:31:56 executing program 0:
socket(0x10, 0x3, 0x0)
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:31:56 executing program 2:

[ 2514.418576] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2514.436793] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2514.446281] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2514.478989] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:56 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:31:56 executing program 2:

00:31:56 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, 0x0, 0x0)

00:31:56 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e61c04006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:31:56 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r1, 0x0, 0x0)

00:31:56 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, 0x0, 0x0)

00:31:56 executing program 2:

[ 2514.884220] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2514.899567] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2514.916949] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:31:56 executing program 2:

[ 2514.946915] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:59 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0xf0ffffff7f0000, 0x0)

00:31:59 executing program 2:

00:31:59 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e61d04006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:31:59 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, 0x0, 0x0)

[ 2517.452704] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2517.462505] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2517.498402] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2517.532456] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:31:59 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:31:59 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)

00:31:59 executing program 2:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001200)=ANY=[@ANYBLOB="740000002400f30700000000ddffffff00000000", @ANYRES32, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a8b2eca00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000000000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940fb0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cb5d845549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d63007d6c6683e251ac28f6b0000863aa3d9e240168ef067671514ccb381077c2afecae2bb28925f8dd87c3994ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180772593cd728026dfe9b7bc2cbc70a0c42fd1a3f071dde69a5dcd32cb951da688b879615"], 0x74}}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f0000000180)=[{0xa, 0x1000000000000, &(0x7f0000000100)=[{&(0x7f0000000040)="e588da94b522c2d1f3139c2948718f407fe7166ac45a790cd2095b44582f3310fb073cb29f9afc1ddb6272a61982d91410b9914e7638a71eab6cd729de3c717034a0069e9ed7d8d5fa1979ad04faed8aeb23cac0ab9a4d2927d53b44ef0f6eb8b357570886780d116f40c92841c5a3d72ac31d7abedde3433aa57b7fefb2a6e25f68b39642e8ed4cba1d481661ba"}, {&(0x7f0000000600)="a175aecfc133f10e0296d588d507cb2369905aafe9156c60719627564d1f5841ed3912a4b4d6372b4d52111e6d26ae638675c823527d292fb9cfb0691358daaeed278a87b98817f0efa445e1e8110e40b7979829311002818ea4bfa43e186dbdf71f761f261789a4e4063b30213fc8674cff946703b49ecc157cd063ec3bf08b8f75365561ef81b12e6d77479cb6fba9e4a0e862fe0729da03403caa9b02aff1a185885195"}], 0xe, &(0x7f0000000100)}], 0x126618d46e7cf97, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0xfffffecc)

00:31:59 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e61e04006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:31:59 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, 0x0)
ptrace$cont(0x20, r1, 0x0, 0x0)

00:31:59 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)

[ 2517.898424] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2517.937108] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2517.955480] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2517.970405] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:31:59 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000040)={'veth1_to_batadv\x00', @ifru_names='vlan0\x00'})

00:31:59 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)

[ 2517.996157] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2518.072321] veth1_to_batadv: mtu greater than device maximum
[ 2518.089061] veth1_to_batadv: mtu greater than device maximum
00:32:02 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x100000000000000, 0x0)

00:32:02 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e61f04006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:02 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)

00:32:02 executing program 2:
perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setgid(0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1'])
lsetxattr(&(0x7f00000005c0)='./file1\x00', &(0x7f0000000600)=@known='trusted.overlay.redirect\x00', 0x0, 0x0, 0x0)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'U-', 0x80000000}, 0x16, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)='./file1/file0\x00', 0x0, 0x80ffff)

00:32:02 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)

[ 2520.472724] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2520.532434] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2520.557166] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2520.577721] overlayfs: conflicting lowerdir path
[ 2520.581075] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2520.643680] overlayfs: conflicting lowerdir path
00:32:02 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:02 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)

00:32:02 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e62004006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:02 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, 0x0)
ptrace$cont(0x20, r1, 0x0, 0x0)

00:32:02 executing program 2:
perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setgid(0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1'])
lsetxattr(&(0x7f00000005c0)='./file1\x00', &(0x7f0000000600)=@known='trusted.overlay.redirect\x00', 0x0, 0x0, 0x0)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'U-', 0x80000000}, 0x16, 0x1)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)='./file1/file0\x00', 0x0, 0x80ffff)

00:32:02 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

[ 2520.927560] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:32:02 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

[ 2520.986775] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2521.007440] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2521.072511] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2521.191091] overlayfs: conflicting lowerdir path
00:32:05 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0xe00000000000000, 0x0)

00:32:05 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:32:05 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e62104006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:05 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:05 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

[ 2523.528106] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2523.548960] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2523.577769] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2523.615553] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:05 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:05 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:05 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:32:05 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, 0x0)
ptrace$cont(0x20, r1, 0x0, 0x0)

00:32:05 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e62204006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:05 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:32:05 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2523.986893] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2524.012248] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2524.025352] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2524.048039] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:08 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x3f00000000000000, 0x0)

00:32:08 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:32:08 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:08 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r1, 0x0, 0x0)

00:32:08 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e62304006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2526.582592] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2526.614274] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2526.636888] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2526.664928] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:08 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:08 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x400)

00:32:08 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:32:08 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e62404006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:08 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

[ 2526.935606] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2526.946134] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2526.956581] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:32:08 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x400)

[ 2526.984258] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:08 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:32:11 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x8000000000000000, 0x0)

00:32:11 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6ef27006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:11 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x400)

00:32:11 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:32:11 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r1, 0x0, 0x0)

[ 2529.618569] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2529.650362] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2529.666121] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2529.692607] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:11 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:11 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0)

00:32:11 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x400)

00:32:11 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e61f28006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:11 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x400)

[ 2529.982325] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2529.996181] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:32:11 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)

[ 2530.029766] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:32:12 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x400)

[ 2530.075728] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:14 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0xfeffffff00000000, 0x0)

00:32:14 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)

00:32:14 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60034006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:14 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x400)

00:32:14 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r1, 0x0, 0x0)

[ 2532.699043] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2532.738157] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2532.752103] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2532.786008] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:14 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:14 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='\b'], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @local, @local}, &(0x7f0000000000)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)

00:32:14 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x400)

00:32:14 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e600af006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2533.009045] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2533.025095] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:32:14 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000040)={'veth1_to_batadv\x00', @ifru_names='vlan0\x00'})

00:32:14 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x400)

00:32:15 executing program 0:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000))

[ 2533.075224] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2533.102565] veth1_to_batadv: mtu greater than device maximum
[ 2533.146391] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:17 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0xffefffffff7f0000, 0x0)

00:32:17 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x400)

00:32:17 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e680bb006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:17 executing program 0:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setfsuid(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x2110, &(0x7f0000000640)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf2000000000000015000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350600000fff07086706000002000000070300000ee60060bf050000000000004f650000000000006507f9ff01000000070700004c0000005f75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000000500000000000000950000000000000032ed3c5be9525db67754bb12fe3054ac69a5864e764f9914953170d2d7ffffff8ecf264e0f84f9f17d3c30e3c7bdd2d17f2f1754558f227857c4299bfd22a33daf6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546c087431d7700000006e7c955cfa1f6ab689fde4de4e63ede20271a51445dc8da39e5b0ab70100010000000000d048cd6002d4519af619e3cca4d69e0dee5eb106774a8f3e6916df85aaf34c4756ad3a6d74ec88158f0200000000c8fb735fd552bdc206004aeb0743eb2dc819b6cf5c8ac86d8a297dff0445a13d0045fb3cda32a673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174aba210d702a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f62ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000004000000000000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3472f4445d253887a5ad103649afa17690884f8d2001e03a651bb96589a7eab04871bc47287cd313f00000000000000407d00000000000000000000c59050647802cf86f10000005f37d83f84e98a52fbbecd106425563d80bd0d0d703f37ca363f601ae899a53f6715a0a62a34b0c94cce699452050000000000000026a0f6a5480a55c22fe394ac000000000000000000000000000000437d57defb79ea6a58bc3eeed729a2f95e1d6a1fc3857ff51b1e3ee00000000000000090867f577cdde2144d9d7a3b9bc43717188cb8426286fc55fc57cc3c6de4aa67babf350709e282a4f2bf59f46e20465eae865dbfd533b1cb2d540d0490cd5248715c74b6bd0248a9a0b417bbdfb5351defc6"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x81}}, 0x48)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
socket$unix(0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000040))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = dup3(r3, r1, 0x0)
dup2(r4, r2)
openat$vcsa(0xffffff9c, &(0x7f0000000080)='/dev/vcsa\x00', 0x52201, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

00:32:17 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, 0x0, 0x0, 0x0)

[ 2535.743641] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2535.812452] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2535.846727] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2535.873409] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:17 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:17 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x400)

00:32:17 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e600c0006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:17 executing program 0:
perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000039c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4a06b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a9705735b68727d6ef3834293812e927c03c7da1322da44c7f2ed1084a12f56d1cb398dff1db3df98588374e267846442f9e49b9e473c6c58a4ca03767c69cee1b6be486e4c9507af216bd889eff7dd5adb8e49f4a94615e49c08c9a20819e02cc22e6be4557cd4ed88b37ab8d7674c644dca2f1b4d745fd9d42f49db6d4a4762e5cc23dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43e8118e1407a601dae4b8b99bffffb1ac006c67767b03b95151aeb89e6d0843c625aa2285b6e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a0e3ed34258b8c9370634060105baa664953514605fba3973aa021945b985a8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db17d792e604a4f279b3bd6621bdf2c17bc04000000000000000000c4006200607a9a76e5d9656a7154c75773902a1fdf399df3925130312d095e9c1f973d091cec77e7198c1a11a755761fe46169b2b5b8cdedb695cc425fe203d2f2655a76865c2cb4e2470fcfff248c0add5431a7fbcb0ebf69e2d560aa848a11cd521efaf4f66a09af93a089ab1daae4b518d7a5d95a017864487366d6d7ee7bb0749cacf56cf27409c60fca2e2981b22d08f874e0a9cb6fca7844f9dab530388eb1f43d4abbfc59d6f1b18fff80df4bf024f120bd715d82033f2fb7d8fc9e0d77b294e097e293db58992c0024ab2fd8e5e7003af92d11de48e8b4d32972cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2270058ffebd7ccde2480ae40d6156e9a4a2039d0416e3f83074192c48c63384f52b8eeb60571e5bbbab3e6d2b557a52bee6f81968981811f832d064048c0e0bbe46984b2f0d0504255c22ee8674053d0e160e525536edf56a93d0a7a6f0889f4ee8964875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8c2fc8dda2e8b64185625bf4dd0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc349ab96e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd0c09892c58000987e5c7954e9f3684d116b01ce0b8ef953de70e7cd9311c8b018956f8a42ca26ab295f1ecf617a8dc38e525f415a1bd46b38845ebca04061bacbf627f798a7f520078fee48f83b5989543729e57a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc02137ed1fb4b21c13b9a2c5e3f7c9ef9c45a314a6f0b9352be92986d63263b5aa5264cb4a82cf080de1633aa4fd9c3e4455ac6a029a1513cb132d28c69a5fc6d17a5700d9bc22a4dda51c0bb5dd70d3155ed199e0e4f33dfef7f1efbb4f81f2f48a228cb93f41921220e18b54eaf8cfe1a783d5a99e95ecd6e86ae04ee8bd60235c53ccfc7eaa9a83a004f1aeffbad240825b7178e7bc5afb7c0000800000000000000500000000d2122e69200ad88c4ad1730185b1e9efd2d9e4f08948e1552331ee20a5228fcf0ed8f3337a5c1c2851f6338308ca045cb5206e8fd856ecb111d06d74f4526c4b0f2919f0e46c4f509d2c271f6be8f14d038b7ac58136c44d6e07162257615b59e4de239a32940ba0f372c8a91e04f5624d60c346b7bca4b656d80d23eedb18cb680015f78ee59adfd9d5aab9101d336f1be2c2136e4f108a8aaf6f61b21f722a0d8cd3fa65bbf3f6793df43e1bfb2d5cfd9acfbfb061e20e4313aeb9891096522d36b9bc739d567eeec3425b77e1f78fb9f306ea841cd2158733fb84f4494db2703314ad83bcb19d55bed59dac0261806b57dc61cd897d1849eb9332c0c2d0f905a3b861551ae0908dfee8d40600000000000000ff3aeed1ab5da8c0516dab40d42529a6105b0a2d9f860d83f83a375ccdc3202de525b450e0da386e372adfdd7ff7de73c3150b64c863485ec8dbeff8cb0d8e3a5e1eb725ad84d8d96ced5d70e5837e1531546700c98c9db7287db0fc213810895883cbaa6d3d4a023bef3eb70acb313ed257ec5984ed7a9e243e40e6e6afbd922635d4495a0c8783b1d826e1026707e10bf5d705a21e351d2aa8d1710b40c201786aac4396db7a156e1690c1247ae34f7ce471b8428ef5040722c91bc564286b3ccad3a47f3f88a446f3b14ccc9e30e95c90a63caf5cbee130d567d0b5357f4df69bef8303580846d8059d89bf706772c0473a8a50352359cd5722d02995556da0fb57082abd9a39ec9e01a09913e37a7955dde1dd7f2ea48d32b96e3fcadc95f0aa1a056799f429663582b39f5c5b60db6646a8e51732c052080b5acb161f0d581adc485f1c51d541e26a841977cd25da5bd9c804a49218d925257bc2d3e87d228accb4daeb84dac91b4fc760e80f444dd422fdad2161bc318a52828c3943e322e2df635b0af0d65a1afcd2"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff14000000632177fbac14143ae0", 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffe2a}, 0x28)

00:32:17 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x400)

[ 2536.117721] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:32:18 executing program 0:
perf_event_open(&(0x7f0000000480)={0x0, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00')
preadv(r0, &(0x7f0000000100), 0x18d, 0x207200)

[ 2536.161580] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2536.176044] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:32:18 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400)

[ 2536.217325] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:20 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0xffffffff00000000, 0x0)

00:32:20 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60102006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:20 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400)

00:32:20 executing program 0:
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000400)='overlay\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0'])
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x200c2, 0x0)
write$nbd(r0, &(0x7f0000000d80)=ANY=[], 0x1)

00:32:20 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, 0x0, 0x0, 0x0)

[ 2538.781142] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2538.803395] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2538.819746] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2538.866827] overlayfs: './file0' not a directory
[ 2538.875038] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:20 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:20 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400)

00:32:20 executing program 0:
perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000039c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4a06b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a9705735b68727d6ef3834293812e927c03c7da1322da44c7f2ed1084a12f56d1cb398dff1db3df98588374e267846442f9e49b9e473c6c58a4ca03767c69cee1b6be486e4c9507af216bd889eff7dd5adb8e49f4a94615e49c08c9a20819e02cc22e6be4557cd4ed88b37ab8d7674c644dca2f1b4d745fd9d42f49db6d4a4762e5cc23dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43e8118e1407a601dae4b8b99bffffb1ac006c67767b03b95151aeb89e6d0843c625aa2285b6e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a0e3ed34258b8c9370634060105baa664953514605fba3973aa021945b985a8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db17d792e604a4f279b3bd6621bdf2c17bc04000000000000000000c4006200607a9a76e5d9656a7154c75773902a1fdf399df3925130312d095e9c1f973d091cec77e7198c1a11a755761fe46169b2b5b8cdedb695cc425fe203d2f2655a76865c2cb4e2470fcfff248c0add5431a7fbcb0ebf69e2d560aa848a11cd521efaf4f66a09af93a089ab1daae4b518d7a5d95a017864487366d6d7ee7bb0749cacf56cf27409c60fca2e2981b22d08f874e0a9cb6fca7844f9dab530388eb1f43d4abbfc59d6f1b18fff80df4bf024f120bd715d82033f2fb7d8fc9e0d77b294e097e293db58992c0024ab2fd8e5e7003af92d11de48e8b4d32972cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2270058ffebd7ccde2480ae40d6156e9a4a2039d0416e3f83074192c48c63384f52b8eeb60571e5bbbab3e6d2b557a52bee6f81968981811f832d064048c0e0bbe46984b2f0d0504255c22ee8674053d0e160e525536edf56a93d0a7a6f0889f4ee8964875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8c2fc8dda2e8b64185625bf4dd0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc349ab96e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd0c09892c58000987e5c7954e9f3684d116b01ce0b8ef953de70e7cd9311c8b018956f8a42ca26ab295f1ecf617a8dc38e525f415a1bd46b38845ebca04061bacbf627f798a7f520078fee48f83b5989543729e57a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc02137ed1fb4b21c13b9a2c5e3f7c9ef9c45a314a6f0b9352be92986d63263b5aa5264cb4a82cf080de1633aa4fd9c3e4455ac6a029a1513cb132d28c69a5fc6d17a5700d9bc22a4dda51c0bb5dd70d3155ed199e0e4f33dfef7f1efbb4f81f2f48a228cb93f41921220e18b54eaf8cfe1a783d5a99e95ecd6e86ae04ee8bd60235c53ccfc7eaa9a83a004f1aeffbad240825b7178e7bc5afb7c0000800000000000000500000000d2122e69200ad88c4ad1730185b1e9efd2d9e4f08948e1552331ee20a5228fcf0ed8f3337a5c1c2851f6338308ca045cb5206e8fd856ecb111d06d74f4526c4b0f2919f0e46c4f509d2c271f6be8f14d038b7ac58136c44d6e07162257615b59e4de239a32940ba0f372c8a91e04f5624d60c346b7bca4b656d80d23eedb18cb680015f78ee59adfd9d5aab9101d336f1be2c2136e4f108a8aaf6f61b21f722a0d8cd3fa65bbf3f6793df43e1bfb2d5cfd9acfbfb061e20e4313aeb9891096522d36b9bc739d567eeec3425b77e1f78fb9f306ea841cd2158733fb84f4494db2703314ad83bcb19d55bed59dac0261806b57dc61cd897d1849eb9332c0c2d0f905a3b861551ae0908dfee8d40600000000000000ff3aeed1ab5da8c0516dab40d42529a6105b0a2d9f860d83f83a375ccdc3202de525b450e0da386e372adfdd7ff7de73c3150b64c863485ec8dbeff8cb0d8e3a5e1eb725ad84d8d96ced5d70e5837e1531546700c98c9db7287db0fc213810895883cbaa6d3d4a023bef3eb70acb313ed257ec5984ed7a9e243e40e6e6afbd922635d4495a0c8783b1d826e1026707e10bf5d705a21e351d2aa8d1710b40c201786aac4396db7a156e1690c1247ae34f7ce471b8428ef5040722c91bc564286b3ccad3a47f3f88a446f3b14ccc9e30e95c90a63caf5cbee130d567d0b5357f4df69bef8303580846d8059d89bf706772c0473a8a50352359cd5722d02995556da0fb57082abd9a39ec9e01a09913e37a7955dde1dd7f2ea48d32b96e3fcadc95f0aa1a056799f429663582b39f5c5b60db6646a8e51732c052080b5acb161f0d581adc485f1c51d541e26a841977cd25da5bd9c804a49218d925257bc2d3e87d228accb4daeb84dac91b4fc760e80f444dd422fdad2161bc318a52828c3943e322e2df635b0af0d65a1afcd2"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff14000000632177fbac14143ae0", 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffe2a}, 0x28)

00:32:20 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60103006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2539.080538] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2539.097907] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2539.122658] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:32:21 executing program 2:
r0 = open(0x0, 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2539.169962] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:21 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60104006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:21 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0xffffffffffffff12, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
sendto$inet(r0, &(0x7f0000000140)="7c0d111317b1ff8ebff29f81219ec5b10d0d003f0aefd9448dbef1ffb4e3a6af87131512da528f6235fe35d30b3b5cb4877c1b89bbf83f6d749d5b00679601a3ab5cf1ad797252bb0c7b43e3e9763221cb2c8d76f824f4bea338f53aa75703f465e50e434e2193900c39ab79d37cf7e9bc2df860c7a8cfc0ce7a24fe6f821e6e5e77267487dcf0208aaa5e3aeb1d921d2fdbb8587804a8e3eeb6ebca013835a981d333ca0915d7ae9d24a14f26", 0xfffffffffffffe13, 0x26a7d94d1c144252, 0x0, 0x0)

[ 2539.365513] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2539.375535] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2539.386040] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2539.398628] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:23 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xe)

00:32:23 executing program 2:
r0 = open(0x0, 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:23 executing program 0:

00:32:23 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60105006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:23 executing program 1:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="45e9aed12f060000001e94193c25d86800278dcff47d01e0234353cb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97f459398655c81fd81b007008f9241e78f593f77a414d8e34b68074e089ddb0f67cf4c857370bc2c8e0459e83331b02000000abe01eca003d635ce2f0462c9a7977aee274424348eb84d8c9f10b154a5c234b3a04010c209a", 0x97}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x26)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, 0x0, 0x0, 0x0)

[ 2541.764685] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2541.778897] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2541.814849] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2541.854512] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:23 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:23 executing program 2:
r0 = open(0x0, 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:23 executing program 0:

00:32:23 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60106006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:24 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:24 executing program 0:

[ 2542.165406] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2542.190971] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2542.205386] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:32:24 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2542.255665] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:26 executing program 0:

00:32:26 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x21)

00:32:26 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60107006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:26 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:26 executing program 1:

[ 2544.871365] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2544.896323] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2544.907931] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2544.946815] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:27 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f", 0x1}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:27 executing program 1:

00:32:27 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0x10002, 0xa, 0xd9, 0x0, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r1, 0xc01064b3, &(0x7f0000000140)={r2})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
dup3(r3, 0xffffffffffffffff, 0x0)
unlinkat(0xffffffffffffffff, 0x0, 0x200)
r4 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f00000000c0)={0x10002, 0xa, 0xd9, 0x0, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r4, 0xc01064b3, &(0x7f0000000140)={r5})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000040)={0x0, 0x3, 0x1})
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r6, r7, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
dup2(r0, r1)

00:32:27 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:27 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60108006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2545.158338] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2545.189326] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:32:27 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:27 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2545.218878] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:32:27 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2545.289681] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2545.298712] audit: type=1800 audit(1588638747.164:37): pid=23779 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16566 res=0
[ 2545.355849] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2545.424272] Process accounting resumed
[ 2545.516127] Process accounting resumed
00:32:29 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xe00)

00:32:29 executing program 0:
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x7, 0x0)
pipe(&(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socketpair(0x0, 0x0, 0x0, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000006040)=[{0x8004000, 0x0, 0x0}, {0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)="739a9484e2081d5a172d3decdbead70b861fc7bf50cd4029e5be226a6967ae4ad6bfb77de5c0779d54d1c7cb4bf54d41939ea9829c5abc5d56ee5ba47cf598b92f6573a1a06742c107d3e33332b9bf4e9637fa48c50581d6c95f69d3370669868e1576fda7ee131f51e0dab975e1ec04539b8ecbbf38daea889d144763bfbdd4fe5dfee2e57a1913f87615e42ca3d14e82698041b606eeaf7c121611cd84f44c6b74a18d2dc6370df00973f34c8fab113ca93e72e284acc6d175a509c12293ed677703991a94dc7a443f268a5f77d1b35422dcdb4750284b361a05b711e7e5d5d776f9ba3ce40b76a4d6f1d9ceada3ba1d67148c178df9dc13165dc22e2a21eb03c16d1cd708ea19c32e41e6c0488a088d81713371e95c990d1c8a54cd2600e92d25ed8bf597fe9ad76a662854837b36c4f4de93661c097e4f1c667da06bb8b8e32b8fca8f1be112c0149bef2e420d442dbed85030b34582bf4178e2832b825e46ba0cab0f4ba85ce0ed0f1c95d8ae19f0691f1786072629b7a758751715545e4683063094f38d549a85ac8f5ea0257f90920f08fb3f789b045f06a0ab3be633388dabbb397e574a9c924557dc3cb83f1ed576243a79318efdf80843cbcecc72897cba285c5ed9ddfe87789cabf53e16b0484a3f0e469e1cbe51596c0bb811b6617e431fff1773de8446d13b36cec17262497f312d4c6ad82b06deb2f7027e09bd301f116f186d0bb508c8233e5253510b17abafc265f00b6698f2c467d6171974ec6c5170ca5fd16cd21dd7348b6685b388d3842b3aedb90814cf58a4b81f1126cccf3634c86cad32ce18f703428ccc17fd89b5aad30858d0bc585ff722f281dfc242bb584e0d5db0fc2e54cd5b37097d0e795c794f758e1b02577983442284d8a8e604d8fda47afa7f73a46b6456e8fdef05a28a5150e443f52a2984f65954e40333af703d01806ee89239596a8a7c6a33d671c1ba5420a906657c5e46c3465495d31d124d98826fd7b17e25b8d2200e184879603649627b12cfdb5b69c93d73af2b30ba27599792d4368510dc07931fe1bffa26edc6f0f19a579ebf2a1a2de704d6adf764595ae19ffa2a41a214bab3fca301951bde3f815a118946d240bbc80fb1c5449fe0354a8d22513c38896b3b50c8b4a1981596ec71892fbf19603efcac420f6936b0928ff9ed9d0648723d793b58e7c42da480c490914621252d8f8d851960be95edcc8611a219a8812b800351f5b3a4b5e81b793a51fb7bce44642e6b996ff477ea4cf8812aacfcff7be778b63b4d21e17bf49761fc140f231d3a148dba95be6c6311f8dee5596c913b8712bd546462b6c0c0c1e7cb1664dcc9d13676dfe6bc6917340eb923fb540c5fb3af74ac59243976502ac74dc9947a1618a31448dc6cee8be3e827a22e7c80e95acf82b8266f32c35ef69975e1c1f60f3f21cb9cf8787d37638336f234db786939035d28112629f35752eae2c5f90e159d376d24ff606ff9dcc7f9f7bd7e84e8f003134ebf0be2bb9f87a3fa2e0a4deeeae97f70c7cb157799dcbdadc0fd818cc3877bde6f5cd30edc986eace5a085512f6d994cc7ff323959888cb4cf99757739a73834dcc6afa0546479d609f0bf9a9f6c70a2657d048654ed97128687e153f7ec02f0c4a9e231f361c8d9cf641c10a1b348ed70158e8eaec3b05800569cef34379d426469c7c534cd513edc7b5e121b495478acb3701471bcf03c98719be647dfb0d3583531f832376632a6407791375b96798457c9b471cf9e6bb82dea621408a9b7d32ebdd2ced912512625d5d5ce5e0332286470b2324689d2cf4c4b727a73f83c5db2cd9ee069e8b2507a9ebfbeced67b3b5ebfac622e0469087dcb2e23b57fe68536aad274ef97d5532748c25ca02e4308e7657a4e73bd290a0a11e10ecca97a96b492066933335b6cea18ae74c85e28d6d4b62eef7b9299ee87b440042c109be2e3de72bab49a16faa1d9303f4858fe797ca7e4eae187cb12417a2bd6f0342444fe929a72c676c7d29fe81f4fa42f1159fb5a74c1ec4f66e017d75a8adc0c2fb19eba0e523f54f67926842b7db951fd01fa56944c466f6be75ea7de166c3e071c629b8b8eab0eecb866b60014b27920c7d0207ef1b362122fa6bb5e0aee97e49a66d3be4bd2ccb27bdc4a2576a1c23e764091cecbadbf6bbdb7605de78bb26895df2430741a11a036ab161ca9f152def9c7ca02ac9a8ce4075dda516f327b30a074d50fd62a7bcdfd8294e4d138fe5b5373c28eba9c91c551d411a292de5855b33baac371e7e89feb001a5103da69a1f314ebf5899f266737e55452b2d1f06f4fffc80d80d95e5892fc9c5277715010fc51dcba39b4ac58957f8ac934539718095c38466c8edbb5d55f3065145660fcef59762b76307337c4532caca7cb829f6e2c09370d30993406656907c82329d42fe4d81497dff3248fee9dbed2b6ee2ec4b09aabf9c61c785ba7f8464b860fa48421e8ef7826be947399baaeed17a23ecaa90113e0b98d31774cb65c1252db07fa29f48182fb2acd0917cc7f5d14e427a73e06c69c1ceb9be71cca7ba63b035f1b05f396ed6456a912d2925dfc59c4aa132bc0fc3912cd33257eef12ad05ac0087692847df759634fbe8e5a9ed7bf0d28a11459167cceeb7ea27a9df01951181b924eedc0afab9b7ec367394c4fb16c754c0b2cc5f725277e2d5a41321894d2bce0fab2b3b854266d65e2bc007f658d547a62351aad089ff80dd41e66a62969fff6fd686b929b8e5c0e7403f31bdd0f7b1825fdf5faa8ce022dd02a17405f45874245bf9b39fca87bcbba56d33d9bf0bb70d5693c931f6edc6691fdd062bb467aa6b95858c80912ebad5d2cf3780aa53a217bb5bb6efed90335bb90a521c28fc39251ec3002f206d494ea741391e828da6b43747c0d6f2a4f48e434939ae12e521fed2520c0b87d3fa8efbe0e8e54320c1b6908241fb510f10c8d3a70f757a8c7a34a9b1af9b25fdd9e0ddf90145e946675a287419ac281110460d5c4aafb966131ce0103e2738ac6f4b84906bb3fea661de5463f61b9bf06302531c8516d9108e1ec25f67eb575ad5bd2713469db9ed9fa41e8255b75340e96b43fdf90652ac480a34deed3c96dad39180d3c5c3b74adba933476ea2c8a3e6db3843199a5fc30b9c77e97e8612c3c57730b473647543583c31dcd212f85d84580d1cdf83e9bb5d94c8904775898b6d503353309d44bec4e2b201136836678deb3ae725977c9aac1842328b2926b2e3600760d5d5bc9729425c2bf3996327d2b2556f6562f2b1727ec9ce27b4fb8293914c16ff27ddd696bba9cb182884e37af3d54667f78ac741aaa609a8ff8fc4a8ca77c0beb2b444357c47896b3ccd9d4a903def4bdc4ce46f5bdcaa6f437a3229dcc56a702fd761a519e27c2d2ac31fc83ac72bcb6f1319ac557442c84dc5adc3f65f50764ac1ed3b4e1afc72341f7cd8c4d0d419f29e4156c8ebfef7ebec4e28ce143078e9d8dcbd8e9b9cabdcf380017c708169d644716eca863d42285ab4da596ffd3f3061b483be69d65bd1fdf598698a513dc090435303676d611578cebbaf1915123759316281e57260d0750969ae379db6c73d432d9a696c2bcb4ef64ece2a6ca5f68e2d1c0cf7a2dc1709488fe5017b66c92e30bb843b0fcbbe211fe2771f8948246eaabec81193001da2c1ebb26f5342b38f87422b40364caa563fb94cc20cc7124a2ddefd065cf8958fc31f62d5cadde7afed69544047b98ba916ebf1d1770ecd6af299a7a39d8162e86ec16d26fe198214f85f776cee88b5fdbdaec41baf110e90d5d03cd7b53e195cd576969d6fc6f0d63c21e400ca979732f85db6bdd1190239059b7f3c04aa20fdfc94352a5ee03250ebf89d9edac3e38863cc860cdc35677da64fc32d7d58dd19beb72e75f5131840f0d2461dd1c2b22bd2b2bf7cd1eef7ad30e87185bd25b4566239ffac121b64e3a13c965fd3aef6ab499ae981fd606d1219ed60e2d70ff36f34d18612440704b99aca94f57629eedacebfbf9a74e0dc0d866ded600e21c41ba578f093ff0c32e0cb3e8758580989a80f121e05a0f18671536af42d549e8211e42bf433e8a343acf745212f91861e47732427c3aa9f997ed830c67f34e11cb27cc9416037da007fdc706276cb517ce57b000e842526f658aab4094285160d9877b0830b82a79bd6d17f77457fb5cedd05a0ed575b227a340cb8686e6b0765347c899ba609ae66e7a9617729ac48255227d95aa09a8eb793f505da1acb048703519d93b2d84b488129fbc305f5ca1e8bdcb4167eeb40d5057b3fed428f06e12f0496839495c38c3804f8d3707da911037e304e2f24fcf341a12fd7330aafa277adc50b6bead3a5df80e3749d24ff69a8498e4183517468b83d58346b504826e373384a11d735701f608ad55bc2249a92d6549205a6366663424c24f9b9297e9312bd49bcbb682eca9feed3615820ed795fb35660d8de3271c9033dc40ba98f67d75826a32a74ceca3a5c6cd64bf2023c95f3e9caa85c48ab3ea582f677e8f43dd12d7061c6d9b57e9bd6f53f8f2f6d4d51c4728fd294f1c8b5cf85d43e154592fd6875b73442d1679e60f8af27f6b17c206d5a13b4d7195980510414aa0f30931494ff59ba1ca2b0f36d71c9a3800244b115b943c3e7db1d5166d279440f27f40173518544db161126603fb8da2738da8cba5454ae98fc91d48334d81a9ea60e98b45bad10564ddf393fceb2f7ee38064334d2e8a052504b2e4311f1f60218285f770337976ab4598b8476062d0373f99633b51bffcfe2a007d2109281767afdccd600a5200b1a07a0d9abf8a8b0d4c72efb3f461c297a48b8ffd0ab704b8f224ae6c59a67dd98cd3c5ef8b4edfa845e2696f29b830682553728bd7af80f0da7b58687e8d7da3c13e9c5fedaff0191034fef3310524d4b09e890034ade1141527846f85b331541e90ed7fe175a5c5cb8b6252b2057cec0a99764e02d9144a92d4562cd92edb556f5cae3c7cf6627f4ab942218257fb0754d65fcb0f6e0b0197af435203cea5fbead9dc9ab522f12ed2d95eecaada7be1022c98ecfabbf3f5cb56328615d031580a6f24bade12040f0cee7f255f63bc7e943e414599ab67ef189a4d6e6ab33e8d37a46f24907bc158df5dc76f6ef776c6f309879c6050c0f32789019c84bde8c07e698db428e3c9279f92e1a0524a1144cbb37770cb6a84b27828d3a66291ac108fa2b2d9df5aad9f4d9b08c6a170fd096d52570c949fc14def89671a8cad0f326e3df0d837f9f93a2e4fb478b2d1f3d3e7f600ebeb7047e94a3c199abef788117eaf7bcf15b6acc8aa105cfa6d03966870bec4c9b0ac1eac43311ddc856952598fb06033b2b1f93813f202e2d76ee3660949b4cd93fb85a65c5d90483dfff352e11235b3c3f264dfe6b3e67c4f2d0dc28737c239de96775a4ea950ba6ffef7926af83c23ef7a270bb7c22be3b15341c6f00f7f76058f051d30563e74c0f13dd78ddb055ddfc1ab9c2a39e5d19aa930f0625e0196c8e16e3098e682efc3bcb8d7d9591d831a02d45e9bf32e46e77e4db1edb6acdb35d2ce3a111ae89c7157beff485fa052903a4e0516bb66022077c6b0d373e3d1e94f7c3025451b3c30281c42921599c76f74d700d742b4c8ca79ab2932db6f09f04f61a906ebafbecac383945de580c066767d946c29f00e0c818f2cad0eac86761a7f9eed587cb6a0eaed233c36ae50089044648eaca04784b5c187ad023c47e333a2c3a36c5a71705512a", 0x1000}, {&(0x7f0000001480)}, {&(0x7f0000000380)="a288793e35fc98ecbd400642f4a6d9c70898285946cdc9851452e6a777e52a48a21e9082b02b2c746bc443f200008ec8a0fc3354d15a60fcdb79095a005f5f45cdad15696e429ea0a9d3f1ad9436413d66fa4ea4c311a294eebaa9631449d5cb8f07f86eee98a20ef8221192219a45979395a04ff86e12e46fc87bd6008df3ded412c6db7f8b7e16097b2c6954b7b4b6e1c919ef9f9a12b7350ded0164f550647f0c61", 0xa3}, {&(0x7f0000002480)="eec302ed31948b1bf14a981a7a4490cb0fdb98b50546074d6b68cbcfd1ffa1c6e0d30179981df5d7693f6a7169c09133f95185cf5819c63f59b88427a7dbddf99e681deeec726c9f1996cf4b2f101c36e88e42d6bd8c54aefa58d36e8bc12ce2cad59faae2c69c4cc093ec5c060a988b39f69fdcad5dbe4e008ef502b10d20d6206bf1a679d47f25307f27d5cfff2f8c19b78ff26032a748cf1f5e8dd6fcf320e21ce4e8f2a502d2126a6b02402f79198d23f0e0ec09ca9b22d5d58f2e6587db7c1a7be3ea7a50c17e787df5f782a6f44cf115c84f4023e6ccb214395d99f5eeb2cb95070d8694657380a57b302e962a8b2a9eb1b51dc920e5229247b80d11a4b05e5d3faa0e754d2e2cd8be325b693e389540d4915c35b261f2d329ca67bbcf420d6ab8e6f764fcadbceeaa02afe5be449ca5e01a4cb6b695d91ac65af9aa984d890e8ec0c8b027b2fa4a7ea8c92e4f671a8535013b2f7396d047bef5d16fd64422eed4a051652cf5de4933c9d98dcf4d360356c67305e45de8c55881eec4f1e134c8121e71922b05a6b76b2380b0a84f5ea1ed3f6591bf2b7274ceaf9608c8b573fe5dbce547fa2f769643b81f9e11b065cd10156610c615044ad99009cf764ce1f44b40e8e543a57cd534ee74479f19bd497958165f70a54c25935f65c54494f6c50675e377642333ac63dd21aa9782a0863f6a08a9259b7e39b39496be70c44f52b2cfcb00366dc3e408d8ec4d1b2bb6fa5c9ef613d1dfeca4bc41b42f70e8c1e5db2bc99a0bf412621b537849e7f396e3681a57590b847c24153c661f4a78ec669b4f69c027238f8aaa3c4a3e3caa0cecf1f0ed3f05cca50e4ca0b6ad1c126a07b7ca8c5721be2febc102869d7fb2dcd8f31aa79ed094c1ae1a326b9f6da34faf9b73bb4b6f24c85a2f181222be426704202be4b0ebe389ce5e4701794e116d4c8e60ab04ab56fabea3decbccf156f749bcea1094425302e52205e40269e74f10afd6b1b3d059026050e42994096decbea2a9ff36e5d29a7f87420e4a670a0b63c24dd73c90f0cc22f5928ff2defc24e825391d2c468482c1835fd0418db3678978e46ddabb8f06817ae20eb04c94b52f3ebc9a67220b4253136d60c8ca36a799e4d6efb892495de29b3ee7a97b62fd89351c4eb066bd094bc0b44967fbb2899ef0eeafbccc8b2af75443d290aa74179e1bb91989a649b6d643b84eefef9a084b97ff663b6e32a56340a80af4e5b2523f9913003fb8139259b529bd56e08c1d94bfeb7fa44c8d836bb0ca1729e30a492fcae72972e0493f8eb528c3ab704750f5c4e9db0c62e62d0876287550e16897a34dc98f1f9b7c9db9b3754ea2101344cbea0d4f3d8a209d36aefb92b44f9feaa5d623dc9511b91f5ae13fa81a763e35fedc133b2a3c8c8906a207f2b799c5abf9a227df976702649ad18c9b57a751fa82a50b81185bbd1bc679a3fee2f1f380789edff533f0c0d9e01284b284fd2d89007027a1dd0c9fe0774287b5ffe2888020f1fb365f5edf6ff04101032c3d712704ff1893b3d49a6a6c28e15ee0ea9c38c809f998d4574bc5dd8beb024355fac7c96ee6b94ff7692ebeae2f06691ba59565ea8e13371b5ad661a5f5d77bdca7982d6a62ad0b33ca76adad2e73a549776f85af16458a28c8b199a816ea61a1d070e47f33a850956fd3e9cb0067ff567c3442e6b229e1d807f47aa82dd592624b704e6dda20b1deca675ebb3913ce54edeb38e691ac1fd24bceb7681a9b00579e4f8618926e4cbad9144e73f461675cdd425629c1c3270dc65ae84ea48141c9071139594e2c8aed62c008799d598cae9f9bb66cb69fc36b5ea23dcb5ea568c94103304e4f92c68df2202ac43b19bbf2e9eb2ba96f5e86b0a71e68b951d11c0aedeb426ec937c64f2a016583d0f4e228625a4d3d1d45da37565ceeccf822ec945225b1ac76d353645ecd40c0999b4ed80a2a0685084ddc5b3abd412c0ef7d1a0c33f793cd947a581783d72a08d9e52ddda31cd4ab81214c93d163661f6956e57d21560745ed3111652bf06dc7ba795d6b96f8b9d98bd4e9a4c4516a219ef569a5ec8cb424cee97137d6b3522b321bb44b58a0a616d19d9c570231c88788ff35b7282aa246535f8ad56b77f827f437f0aa0ce196e42044e95f968c977369fd1afadd3073f04cd260d3aced110c3f562aa60aa5f03e86ec7068b1b747ec8406a9ff26a85c3bcf32ae3089551395e12f407b4e6d9532ae5a47fad4c02696d568ffa27e7c83fe5999a1239adc16fac086be1b5e68e6a4e619ec9b4c5d3f11e289b3422e5ff59be35a197531cd691cada14df15cac390a2a9c3133e3ee0c4721e987c610b9a2d27e65a7c3cb1ffc8e20dd95920e331747238a584f1697e73a4badcc405de30e6dd6be7af34a93e17c0d67f0b909a1e5a0c332a5ddc304bf1dfbefc8f9e82dd7257e8b4b7c80bf346a8830bfc2fc4b35a558409f2eadf112af92efe62dce3f46d0f794da43b1ed04bfb1dd96acaf731c169f05ec05eef60956ce1e5507a854e4d16939abd69e333c9df35f54ee3efbab968e6a62e02b577fee55658ae1aae1739239a4c916dead6ae919794578b2b511770dcc575b2c0fd6bd45e6993573aff6cc1769f7d94fbc0f6cbd4b36d3c7d108a030da7606d22fc66f1edd172f3ef3fdd96d84f018abd3f714aaad63ad0d951b5f982a1003991e7343632a455e2451813236837b63468031bdd2e1081688db50a8bae96019ba46b509afe17c7456352faab3988d08656ec4f6786e23e1e531c4d2bb8a33d0b2275363aac6bd1304147942d5f98892a1cf0e58c2d9607b9a408e6c03343ef750a38023e7923ce3ba8008ca1fb06822f5c7f9fc84c0cd993aa2dad7f23428aba727fc7e06a75ab7f2b6b90947b07b18065cbdb3d01b79ebf0622e70a642de60380854cb935cf5417af3207a7fff9249a38d72a20a09a0d3925108553fc5fbdb58a724f3d84f206d9364fb74d68891b2d31437daf54690a6271a942700f0c99e55d73f6969d83604043bd1558291be22f3f32bf5b5397311c53f3284c5ddeda1cff3b08b1b44ac8a5569d0ea82366aa958bca46462b3a583cbc9843f8c7e8e40336d270726d28386930cd9aa326c0d0af5d14175805e0cdadd3cea05c4a033d955a470a7703bb05231daddb83cc4ff759e1b440114e8b809bf4d2e93ef173d6c70be1630325aaf81254d230cc1ab07fa174d21a0f18d244b26c1d73c54680f7ecaed02359a41012b7c3900b1966d27733f88a409e607506469e8577c4bfd8e3e1cc56aa9a3a9156219d7979cfbf1cf6f1f6c72ecfc432ff18ca09888cb1f1e403ab62d1591f0277f12e921fffa0a19adb86d56e6d16efbdfe0bf7b8a7ab29e70b8ec7af5e95a4e390b0bebfd50acd767c1927522c8ceb6750fbfd25fcfe581e97a63e1816b302b2e0348c16c298ef4cc4f3adcc9f450cd5f3f66d0dea6e99186a92f69fa4b0be92933c2859ba98447ce0c32d9d4525da65b67abbd0a84b872ef2abc305052a77d3bdedb16579ab4b8efad5cb92b54d3e8bdf75d3a65d24cc89884115ea72b5a46ec5b407f55276a7a83fcb27be9114a61285c75e5ede631c4b240cc46c1827df17a80467c9ad4e16074dd8fd37aa3be32e66d311bbc3bda4dd9aa92fc4ed0931a6488e33b3d75c480300d2b1e3d830414bfa2a8339ad13af91002af805a7f3926da71956ab8392342140834b2b1d66f896211fdb1242422b5b0d5b4db6d8e3c26fe9699b8b33af5daa4dd66905b1163463eab298c92402f1d0f70266e088fce002168202a525f523f2566ed15eb9b1c13bd7f0bae0132155a5d73643eb51924ce50c43adbb75738ac74aad0fa5f30dbb21033c7e9969c7312ad954b9c43bc9851ba8739013fac42db66d246b1e589d5c9326b015fdc35885688d35de7c46ff16e4e17c837ccac3ce621452885c16ad0ee12a5ef7ffbc3a5aabdf123b992bba4d1043526202849f33cba838241d72f9f58deb76a5c313b08bac6195e3743b6541074c13af948813b4febf4ee940137989cd9a1a7872a44b33100ee135b508822854a0cc5a50545e935005d344081d7a3845dac48c1cf1048920cf10a6a4d02e78af59b22bf57915b95e53979bec164de9090d6ee1604b0c933f76a381033f426c5501632c688940f9e3c7be3035a5bafbf9cc200a8e5617da279eb93f2a7ebc28b26a6a10b980b4bc312cada5b002414f4bf103fb55679f5b9555125d6e3b98f14bd2c2fb54a4363dae4401a6e6502630d516a6998c1252e2c45dac3d81d25b503cc8b3c7d796b2a54a5b3b027dc252d50adb4f896eea63dc39f40af22c0cd43fa11d52b7b29801b63b6e0db080be061f038afe220b4e0ccd25776b3d2947e9cdb27a9cdc1e6f5f3f85822c2798c27af1207c20b90cb9559c3c40d5395cf6b7e74f82a110cae84cf373db35a0c7caaf95ae1bfe2a38b370a9b75cca405d30fd92e149418e396a080bd7f9cc4850e0b35cde836b6eefb21df35308825b88f548f431974022b8bd9410931128875a34818e6680849dda7b38d2f90dc0c4d8293828a31223cb8e218b391aaae9e45d9076524ad2467c52fbab0fc98c7a637d93c4b038b58d8f2f05c449a86cbe170f846ffcdcfe6a8b1f57950634b0aae12fe231294758194bbf82364438332e0af6329397272d8294dbf9eb587c819e2653100f38e14d890affe1752a26e704b0e63ac8f643dd9cec2179c92c908f28d1eb4a4421c8761a121dcf7bc23b4ae38a96c6a47df3638f9a9f76f4c8cdba60a96e98d85ed39c009c84d088b7b08fc8314f0a049911ad7aa1cd0443f7d38517cfcc8217bfd8017e01afd7e63c51ef81e7b256258a7d58ef04a2eaf5b56d6ddc4184b621bba9f133fff602671bb2a2f2c36f017f158e4b0fb3c704f0a41f7547de8fdd5dd52e33dad4f1380f88d8cc52c8e252617d02679f40bd92abac082b518db58b0926acfcfd3bf567b50a636127667acb7dcdbea796edda3b9803c04ceec25751f1c5fd3f2bd215605079cdf3e1e086eade2af66862a7a2d75c5de2f2735889b25b4601913d3c148fb61c842a264f28945f5a29e448df719f3c0b80394572eb7e2c13c805d9f09057b7777091360e21117a1a376e10a6246fb24020e787655cf116e146a72a6730521b3f2408bcde6bc16de23922266e87e7acc1abba81f53e244aa5b664652c39ceba7e66e035988ed2a21a4ad724894fbba50bb4bd2daa2f9c23d8041a340e7401297a3799957503fea74237c9ab3fb94b9ea45b88db4eb927e9cf98305cd99b14f8638055150fa83f720bf12c5e128762e2c6e5a20daff9dfe542c743f6d8aac59e82a6d574a26d69e8e7aa176becee125b0913e6bdb05cc2bfae65ffca4faa6e4c2c15e9d349f6d8df584581dc054e4d3249868eb7b909bf12813d1a33f1c92d107608ccd6d0e9ff05a618470e9038c09f80a9ff8ea3e3ed45980fb67477e436e9e5773f5054f75a7a08113291f948255eec281b7365f1533bc27250bacf295ab4eb734ef27d98f0883e0ec93b06611caa98c0c32f10ee7bf94e2fc22d264ffc12d3a9b06b682f061a8d83535186a503fb4b0d8eb121e2d2f36a9164e94159cb7ee0559748c371d319173c94b5d38468c9f7359742030ddb5c7bde38662f0f41034e3324ba2b59bec0fb7d12d229ddde0bcbe99724e291bfff4b0c6f2e0dea6e9e34b66689bf061f6a639ab64898c3a07a0bef8316f8588f2492d9dd1761ee552e0dab05a92cb2dbd84efa74b291539b136ba25cc7632653ad", 0xffe}, {&(0x7f0000003480)}, {&(0x7f0000003580)}, {&(0x7f00000000c0)="9372346864f67eecba5a94953cc7c328fb6d5d01d03968b12f026329bfc9ed58cb2cf6ea2a8fac5f751d48ff6a30e7cab169e40ff3e36b005d401285a89e6cae0b7152494870cfea3aa6828c7541330333a2492563e45049e88805f5537cb094c2b52c11b0dc2eae50b1ad2214972882507f2b2cb117e92ce49afd2f", 0x7c}, {&(0x7f0000003680)}], 0x8, &(0x7f0000000280)=[@assoc={0x18, 0x117, 0x4, 0x20}, @op={0x18, 0x117, 0x3, 0x1}], 0x30, 0x40010}, {0x0, 0x0, &(0x7f0000004b40)=[{&(0x7f0000000400)}, {&(0x7f0000004680)="db9bcfc408cc014b811416dc6c55116f6592eeee2548c6a91afe696540144c6fbfc52f7538148b9f92a195d1e5157656e3f0", 0x32}, {&(0x7f0000004700)="133d20127255840fd255336975f2b3c68c3d8dc111662c0f0999353bc671442a4d7c551d3d9f758c4bb31252ccd6d09e9429a570575d50c92cc002351976da3ad45689b5303d46bf3eb1a5056e701ebc13d1a213dd3889ec44e94a94a404bc1390e67f20015fd7660d16b87d72b7902cb39b1883b0e806e060740fd096a7b1589725205b556b310a4966e433fd82def098bba8bd28cdbb0ddd4e54b27f7d49295bdebc", 0xa3}, {0x0}, {0x0}, {0x0}], 0x6, &(0x7f0000004bc0)=ANY=[@ANYBLOB="2000000000000000170100000200000007000000a04a93d1b57d9e0000000000180000000000000017010000040000000002000000000000180000000000000017010000030700"/80], 0x50}], 0x3, 0x0)
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000440)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0x0, @ipv4={[0x0, 0x0, 0x0, 0xfec0000000000000], [], @local}}, @in={0x2, 0x0, @remote}], 0x2c)

00:32:29 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60109006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:29 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2547.942921] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2547.955284] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2547.966542] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2547.997635] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:30 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:30 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:30 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f", 0x1}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:30 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6010a006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:30 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$hfsplus(&(0x7f0000000180)='hfsplus\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001380)={[{@force='force'}, {@session={'session'}}]})

[ 2548.364712] audit: type=1800 audit(1588638750.234:38): pid=23824 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16357 res=0
00:32:30 executing program 0:
r0 = socket(0x11, 0x800000003, 0x8)
bind(r0, &(0x7f0000000280)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x58)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180))
sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, 0x1, 0x6, 0x0, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000854}, 0x44840)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000240)={0x0, @in, 0x0, 0x9, 0x0, 0x0, 0x102}, 0x9c)
listen(0xffffffffffffffff, 0x8001)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000000)={r1, 0xfffffffd}, &(0x7f0000000080)=0x8)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000040)=0x76, 0x4)
bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xeb}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000007c0)='bbr\x00', 0x4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendto$inet(r2, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf93a1a7511bf746bec66ba", 0xfe6a, 0x20c49a, 0x0, 0x27)

00:32:30 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2548.432371] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2548.519692] Process accounting resumed
[ 2548.525262] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:32:30 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2548.576579] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2548.593205] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2548.620934] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2548.685565] audit: type=1800 audit(1588638750.554:39): pid=23852 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=15948 res=0
[ 2548.722275] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2548.779992] Process accounting resumed
00:32:32 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6010c006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:32 executing program 0:
socket(0x0, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB="ec0100002800270d00"/20, @ANYRES32, @ANYBLOB="0480000000800000f2ff00000800010075333200c00102"], 0x1ec}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[], 0x1ec}}, 0x0)

00:32:32 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x400)

00:32:32 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:32 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x3f00)

[ 2550.944201] audit: type=1800 audit(1588638752.814:40): pid=23869 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16948 res=0
[ 2550.976057] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:32:32 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x400)

[ 2551.002338] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2551.005513] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2551.070628] Process accounting resumed
[ 2551.074338] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2551.127446] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:33 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f", 0x1}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:33 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:33 executing program 0:
timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000000180))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r2 = gettid()
clock_nanosleep(0x0, 0x0, &(0x7f0000000040)={0x77359400}, 0x0)
tkill(r2, 0x40100c000000013)

00:32:33 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x400)

00:32:33 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60122006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2551.403404] audit: type=1800 audit(1588638753.274:41): pid=23905 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16941 res=0
[ 2551.435164] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2551.444565] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:32:33 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2551.454107] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2551.475845] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2551.475925] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:33 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60123006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2551.717075] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2551.726764] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2551.737442] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2551.759219] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:35 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x4000)

00:32:35 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:35 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:35 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6012c006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:35 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'wp256\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$sock(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
recvfrom$l2tp(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

[ 2554.032304] audit: type=1800 audit(1588638755.904:42): pid=23950 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16967 res=0
[ 2554.061986] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2554.070958] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2554.088486] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2554.109810] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2554.144437] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:36 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:36 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:36 executing program 0:
syz_mount_image$vfat(0x0, &(0x7f0000000480)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x40000000007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$9p_unix(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000001c0)='9p\x00', 0x0, &(0x7f0000000100)={'trans=unix,'})

00:32:36 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:36 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6012d006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:36 executing program 0:
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
memfd_create(0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
chdir(0x0)
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000400)='overlay\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0'])
lsetxattr$security_capability(&(0x7f0000000100)='./bus/file1\x00', &(0x7f0000000180)='security.capability\x00', 0x0, 0x0, 0x0)

[ 2554.450565] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:32:36 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2554.487613] audit: type=1800 audit(1588638756.354:43): pid=23981 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16930 res=0
[ 2554.494010] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2554.524512] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2554.550503] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2554.569841] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2554.727365] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
00:32:38 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x7900)

00:32:38 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60148006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:38 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:38 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0)
close(r2)

00:32:38 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2557.044681] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2557.060022] audit: type=1800 audit(1588638758.934:44): pid=24019 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16209 res=0
[ 2557.064978] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2557.116313] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2557.126922] Process accounting resumed
[ 2557.131881] audit: type=1804 audit(1588638758.964:45): pid=24019 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1246/file0" dev="sda1" ino=16209 res=1
[ 2557.186507] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:39 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:39 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:32:39 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000180)={0x1, 0x0, [{0x0, 0x1001, &(0x7f0000001f40)=""/4097}]})

00:32:39 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:39 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6014c006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:39 executing program 2:
open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400)

[ 2557.448841] audit: type=1800 audit(1588638759.314:46): pid=24045 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16327 res=0
00:32:39 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2557.490247] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2557.503076] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2557.517191] Process accounting resumed
[ 2557.547709] audit: type=1804 audit(1588638759.344:47): pid=24045 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1247/file0" dev="sda1" ino=16327 res=1
[ 2557.586128] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2557.634603] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2557.676955] audit: type=1800 audit(1588638759.524:48): pid=24064 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16242 res=0
[ 2557.701816] Process accounting resumed
[ 2557.715701] audit: type=1804 audit(1588638759.524:49): pid=24064 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1248/file0" dev="sda1" ino=16242 res=1
00:32:41 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xb900)

00:32:41 executing program 2:
open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400)

00:32:41 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='cmdline\x00')
close(r0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000740)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$KDENABIO(r0, 0x4b36)

00:32:41 executing program 1:
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:41 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60160006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2560.166107] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2560.175096] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2560.188689] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2560.221555] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2560.248484] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:42 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:42 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast2}, 0x10)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
open(0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0xffffffffffffff12, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
sendto$inet(r0, &(0x7f0000000140)="7c0d111317b1ff8ebff29f81219ec5b10d0d003f0aefd9448dbef1ffb4e3a6af87131512da528f6235fe35d30b3b5cb4877c1b89bbf83f6d749d5b00679601a3ab5cf1ad797252bb0c7b43e3e9763221cb2c8d76f824f4bea338f53aa75703f465e50e434e2193900c39ab79d37cf7e9bc2df860c7a8cfc0ce7a24fe6f821e6e5e77267487dcf0208aaa5e3aeb1d921d2fdbb8587804a8e3eeb6ebca013835a981d333ca0915d7ae9d24a14f26", 0xfffffffffffffe13, 0x26a7d94d1c144252, 0x0, 0x0)

00:32:42 executing program 2:
open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x400)

00:32:42 executing program 1:
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:42 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60168006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:42 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x400)

[ 2560.507461] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2560.519535] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2560.533730] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2560.568500] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:32:42 executing program 0:
r0 = socket(0x11, 0x800000003, 0x8)
bind(r0, &(0x7f0000000280)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x58)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000040)=0x76, 0x4)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xeb}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000007c0)='bbr\x00', 0x4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendto$inet(r1, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf93a1a7511bf746bec66ba", 0xfe6a, 0x20c49a, 0x0, 0x27)

[ 2560.608889] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:45 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x307400)

00:32:45 executing program 1:
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:45 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x400)

00:32:45 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6016c006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:45 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2563.229413] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2563.257267] audit: type=1804 audit(1588638765.124:50): pid=24151 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1267/bus" dev="sda1" ino=16869 res=1
[ 2563.262460] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2563.296724] MINIX-fs: mounting unchecked file system, running fsck is recommended
00:32:45 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:45 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x400)

00:32:45 executing program 1:
open(0x0, 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2563.507303] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2563.576640] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2563.616443] MINIX-fs: mounting unchecked file system, running fsck is recommended
00:32:45 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x0)

00:32:45 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60174006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:45 executing program 1:
open(0x0, 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:45 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x0)

[ 2563.820517] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2563.935635] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2563.972889] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2563.998505] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2564.032666] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:48 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x400000)

00:32:48 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:32:48 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x0)

00:32:48 executing program 1:
open(0x0, 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:48 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6017a006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2566.244440] audit: type=1804 audit(1588638768.114:51): pid=24208 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1268/bus" dev="sda1" ino=16141 res=1
[ 2566.305923] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2566.311021] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2566.350258] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2566.375058] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2566.439068] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:48 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:48 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:48 executing program 2:
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000000)=0x9, 0x7, 0x0)
mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4003, &(0x7f0000000040)=0x7fffffff, 0x7, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)

00:32:48 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100036c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000002e001f", @ANYRESDEC], 0x2c}}, 0x0)

00:32:48 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2566.697094] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2566.716098] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2566.744415] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2566.758760] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2566.766010] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
00:32:48 executing program 2:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000002c0)={'\x00', 0x6})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x1, 0x0, 0x0, &(0x7f0000000300)=""/246, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[])
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x200000000001, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000180))

[ 2566.790494] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2566.850358] audit: type=1804 audit(1588638768.724:52): pid=24255 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1269/bus" dev="sda1" ino=16984 res=1
00:32:51 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60110046c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:51 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x53b000)

00:32:51 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:51 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:32:51 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x115, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd09f1f7098003000000912e9afd988fb466ffd306f08a01a20ca76d6a25912078ef6f3eb1ec3b969c40af0c0f0054"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[ 2569.313295] audit: type=1804 audit(1588638771.184:53): pid=24281 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1270/bus" dev="sda1" ino=16990 res=1
[ 2569.353903] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2569.372867] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2569.413377] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2569.456089] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2569.519001] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:51 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:51 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:51 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60137046c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:51 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2569.703508] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2569.719662] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2569.733308] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2569.746628] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:32:51 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2569.780665] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:51 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60138046c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2569.822078] audit: type=1804 audit(1588638771.694:54): pid=24325 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1271/bus" dev="sda1" ino=16990 res=1
[ 2569.891353] audit: type=1800 audit(1588638771.754:55): pid=24330 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16978 res=0
00:32:51 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2569.966359] audit: type=1804 audit(1588638771.834:56): pid=24330 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1258/file0" dev="sda1" ino=16978 res=1
00:32:51 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2570.010049] Process accounting resumed
[ 2570.017027] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2570.027158] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2570.040160] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2570.052882] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2570.094183] audit: type=1804 audit(1588638771.964:57): pid=24343 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1272/bus" dev="sda1" ino=16753 res=1
[ 2570.166346] audit: type=1800 audit(1588638772.034:58): pid=24348 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16999 res=0
[ 2570.210543] audit: type=1804 audit(1588638772.084:59): pid=24348 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1259/file0" dev="sda1" ino=16999 res=1
[ 2570.254721] Process accounting resumed
00:32:54 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:32:54 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x73a000)

00:32:54 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100056c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:54 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2572.338527] audit: type=1800 audit(1588638774.204:60): pid=24362 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16997 res=0
[ 2572.384794] audit: type=1804 audit(1588638774.244:61): pid=24361 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1273/bus" dev="sda1" ino=16998 res=1
[ 2572.422006] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2572.433595] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2572.458644] audit: type=1804 audit(1588638774.324:62): pid=24362 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1260/file0" dev="sda1" ino=16997 res=1
[ 2572.470781] Process accounting resumed
[ 2572.507429] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2572.540084] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:54 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:54 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x1)
r1 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x5b30c0, 0x0)
accept4$unix(r1, &(0x7f0000000300)=@abs, &(0x7f00000003c0)=0xffffff50, 0x80800)
lchown(0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000380))
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x0, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = fcntl$dupfd(r2, 0x406, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)

00:32:54 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', 0x0, 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:54 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
sendfile(r1, 0xffffffffffffffff, 0x0, 0xffffffff010)

00:32:54 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100066c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:54 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
sendfile(r1, 0xffffffffffffffff, 0x0, 0xffffffff010)

[ 2572.841790] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2572.864070] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:32:54 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', 0x0, 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2572.897291] Process accounting resumed
[ 2572.905070] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2572.957690] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:32:54 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = shmget$private(0x0, 0x1000, 0x54001800, &(0x7f0000fff000/0x1000)=nil)
shmat(r2, &(0x7f0000ff9000/0x4000)=nil, 0x5000)

00:32:54 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
sendfile(r1, 0xffffffffffffffff, 0x0, 0xffffffff010)

[ 2573.097717] Process accounting resumed
00:32:57 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', 0x0, 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:57 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x743000)

00:32:57 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100076c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2575.400979] kauditd_printk_skb: 4 callbacks suppressed
[ 2575.400991] audit: type=1800 audit(1588638777.274:67): pid=24432 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17018 res=0
[ 2575.443297] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2575.455493] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2575.468011] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2575.481595] audit: type=1804 audit(1588638777.354:68): pid=24432 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1263/file0" dev="sda1" ino=17018 res=1
[ 2575.483112] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2575.525090] Process accounting resumed
00:32:57 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:32:57 executing program 2:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r3 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000240)="45e9aed12f060000000000000025d86800278dcff47d010000805acb271c787c8529d6e2e29840cb4895e22e494e8a87ce96ad5719a0541c2e6422467f2a97e7bacf2155c81fd803eb427664349470f593f77a415e8e34b68074e0", 0x5b}], 0x4, 0x0)
ptrace$setopts(0x4206, r3, 0x0, 0x0)
tkill(r3, 0x26)
ptrace$cont(0x18, r3, 0x0, 0x0)
ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r3, 0x0, 0x0)

00:32:57 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:32:57 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:32:57 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100096c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2575.797923] audit: type=1800 audit(1588638777.664:69): pid=24462 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17023 res=0
00:32:57 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2575.846695] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2575.857908] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2575.884980] Process accounting resumed
00:32:57 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2575.906353] audit: type=1804 audit(1588638777.664:70): pid=24461 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1277/bus" dev="sda1" ino=17021 res=1
[ 2575.941765] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2575.965758] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2575.978105] audit: type=1804 audit(1588638777.734:71): pid=24462 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1264/file0" dev="sda1" ino=17023 res=1
[ 2575.998518] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
00:32:57 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2576.004865] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2576.017478] audit: type=1804 audit(1588638777.834:72): pid=24476 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1278/bus" dev="sda1" ino=17012 res=1
[ 2576.041951] audit: type=1800 audit(1588638777.854:73): pid=24478 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17021 res=0
[ 2576.081346] audit: type=1804 audit(1588638777.944:74): pid=24483 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1265/file0" dev="sda1" ino=17021 res=1
00:32:58 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601000a6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:32:58 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2576.131440] Process accounting resumed
[ 2576.187620] audit: type=1800 audit(1588638778.054:75): pid=24490 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17026 res=0
[ 2576.216674] audit: type=1804 audit(1588638778.084:76): pid=24488 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1279/bus" dev="sda1" ino=17029 res=1
[ 2576.251999] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2576.323807] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2576.355196] Process accounting resumed
[ 2576.363077] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2576.376038] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2576.419000] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:00 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x790000)

00:33:00 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:00 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:00 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:00 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601000c6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:00 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:00 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x1)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[ 2578.864921] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2578.867168] hub 9-0:1.0: USB hub found
[ 2578.879155] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2578.890387] hub 9-0:1.0: 8 ports detected
[ 2578.918178] MINIX-fs: bad superblock or unable to read bitmaps
[ 2578.921047] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2578.991157] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:00 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2579.066279] Process accounting resumed
00:33:00 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:01 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60104106c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2579.229347] MINIX-fs: bad superblock or unable to read bitmaps
00:33:01 executing program 2:

[ 2579.275746] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2579.291431] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:33:01 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2579.339115] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2579.343694] Process accounting resumed
[ 2579.388529] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2579.462768] MINIX-fs: bad superblock or unable to read bitmaps
[ 2579.533225] Process accounting resumed
00:33:03 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xa07300)

00:33:03 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0xffffffff010)

[ 2581.469114] kauditd_printk_skb: 10 callbacks suppressed
[ 2581.469128] audit: type=1804 audit(1588638783.334:87): pid=24583 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1283/bus" dev="sda1" ino=17217 res=1
00:33:03 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100206c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:03 executing program 2:

00:33:03 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {0x0, 0x0, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:03 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:03 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0xffffffff010)

00:33:03 executing program 2:

[ 2581.891602] audit: type=1804 audit(1588638783.764:88): pid=24590 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1284/bus" dev="sda1" ino=17266 res=1
[ 2581.925533] MINIX-fs: mounting unchecked file system, running fsck is recommended
00:33:03 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0xffffffff010)

[ 2581.950910] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2581.976109] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:33:03 executing program 2:

[ 2581.989695] audit: type=1800 audit(1588638783.774:89): pid=24592 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=15887 res=0
[ 2582.000323] minix_free_inode: bit 1 already cleared
[ 2582.040178] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:33:03 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {0x0, 0x0, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:04 executing program 2:

[ 2582.091641] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2582.117371] audit: type=1804 audit(1588638783.984:90): pid=24606 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1285/bus" dev="sda1" ino=17233 res=1
[ 2582.227688] audit: type=1800 audit(1588638784.094:91): pid=24614 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17201 res=0
[ 2582.277493] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2582.320066] minix_free_inode: bit 1 already cleared
00:33:06 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xb05300)

00:33:06 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:06 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100226c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:06 executing program 2:

[ 2584.502777] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2584.512914] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2584.526954] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2584.538004] audit: type=1804 audit(1588638786.414:92): pid=24626 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1286/bus" dev="sda1" ino=17329 res=1
[ 2584.587497] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:06 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:06 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {0x0, 0x0, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:06 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170)

00:33:06 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:06 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100236c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:06 executing program 2:
clone(0x20002104ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="d00800002400ffffff7f0a000410ffffa6fffff7", @ANYRES32, @ANYBLOB="0000000bf1ffffff0000000b0800010063627100a40802000404060003000000050008a000700300fdffffffffff00001f0000000500000000020000010000000000100083000000fd"], 0x8d0}}, 0x0)
open(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000080))
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2584.996378] audit: type=1800 audit(1588638786.864:93): pid=24651 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17015 res=0
[ 2585.022612] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2585.037283] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:33:07 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2585.062846] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2585.084836] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2585.102515] minix_free_inode: bit 1 already cleared
00:33:07 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880), 0x0, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2585.132066] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2585.284705] audit: type=1800 audit(1588638787.144:94): pid=24679 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17044 res=0
[ 2585.316947] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2585.332994] audit: type=1804 audit(1588638787.174:95): pid=24680 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1288/bus" dev="sda1" ino=17051 res=1
[ 2585.419849] minix_free_inode: bit 1 already cleared
00:33:09 executing program 2:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x48, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000025000511d25a80648c63940d0524fc60040010000a0011000200000037153e370a00098002000000d1bd", 0x2e}], 0x1}, 0x0)

00:33:09 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xb90000)

00:33:09 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:09 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601002c6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2587.535308] netlink: 'syz-executor.2': attribute type 17 has an invalid length.
[ 2587.551052] netlink: 'syz-executor.2': attribute type 9 has an invalid length.
[ 2587.559083] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2587.571065] audit: type=1804 audit(1588638789.444:96): pid=24691 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1289/bus" dev="sda1" ino=17066 res=1
[ 2587.585477] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2587.620281] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2587.651591] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:09 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:09 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880), 0x0, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:09 executing program 2:
syz_emit_ethernet(0x4a, &(0x7f0000000400)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "209200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

00:33:09 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:09 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601002d6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2588.042206] audit: type=1800 audit(1588638789.914:97): pid=24717 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17072 res=0
00:33:09 executing program 2:
r0 = socket(0x1000000010, 0x80002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="d00800002400ffffff7f0a000410ffffa6fffff7", @ANYRES32, @ANYBLOB="0000000bf1ffffff0000000b0800010063627100a40802000404060003000000050008a000700300fdffffffffff00001f0000000500000000020000010000000000100083000000fdffffff07000000084900000100000002000000cf000000feffffff080000000180000003000000090000000200000000274a49ef6949a7bb000000050000000100000004000000ff7f000000000000000400000002000004000000ff0f0000f44f350001000000010400005eb768350100000008000000ffffffffc38d00001f000000040008830600000000000100f7ffffff030000000080ffff050000000600000006000000a900000000000000c0000000c0ffffff08000000018000000101000006000000b300000000000020050000000104000004000000070000000800000001010000c22e0000c0ffffff0500000004000000060000000900000008000000f7ffffff0800000003000000080000000400000001000080040000000400000000100000040000000700000009000000fcffffff01000000010000000900000000020000060e0000080000000200000002000000090000000800000007000000ab000000fb00000007000000ff0100000800000001040000070000000300000009000000ff07000008000000ffff0000a90100000900000005000000200000000500000001000000070000008eb7000000000080010000000000000007000000fffffffffcffffff01f0ffff000000003f00000003000000000100000080000000800000030000000500000005000000ffffffff0700000015ba000004000000070000000300000003000000ffffffff04000000554f00006ff800000700000003000000000200000600000008000000b300000006000000000000000007000001010000030000000080000000040000730a000001000080010000009e0c0000000800000100008000000000000000004000000000fefffff67d000004000000ff01000002000000000000004000000040000000ed000000010001000e0a05000000000000020000040000000600000002000000ff7f00000100000001000000060000007f000000020000000004000004000000090000009000000008000000b6000000040000000400000005000000f50a0000ffff0000060000008ff9ffff070000001eaaffff3f0000008000000000000000ff0c0000ff7f0000030000007f0000002d0000000800000000010000ff070000ffffffff2bab000002000000ace800000500000000000000e1bf934d070000001f000d000300000004000000070000000900000005000000030000000200000087d400000200000008000000000100007f0000000e000000080000000200000007000000ffffff7f06000000000000000500000001000000820000001f0000000004000001000000faffffff0500000006000000070000000300000010000500810306009fff04000800000004040600d90b0000ff00000005000000040000001ba2cc3b00000080010000003f000000ff0f0000bd52c97303000000be060000fffffffffffeffff7f000000ff0000008100000000db040009000000070000000300000000000000060000008f5e0000010000000002000006000000010100000200000007000000000000e0318900000104000000efff000600000004000000080000000400000002000000c00000000800000008000000f7ffffff05000000810000004d00000001000080eb0700001f000000090000000800000001000000000000000000000002000000ffff00000100000002000000000000e0a000000040000000ff000000f7ffffff0500000009000000070000000600000028080000030000000600000004000000be00000003000000070000000500000038080000faffffffffffffff47b5554d001000008100000007000000ffffff5e6d4e2d000100000002000000566b00002000000004000000020000008b01000001000000ffff000004000000ff0f0000050000002000000003000000e40d000007000000f8ffffff200000003f000000387f00000700000007000000c10a000009000000040000000400000000000000008000000100008009000000370b000000000000ff07000006000000bb7900000400000002000000ffffff7f0300000000000000090000000700000005000000000000807f0000000900000008000000fad4ffffff01000001010000010000003f0000000400000020f2ffff01000100ffff0000010000000200000008000000fbfffffff9ffffff040000004d000000060000000200000002000000070000004e0d0000000200000800000035000000300e00000700000000040000020000000180000020000000f2ffffff070000000500000000010000fffffeff0900000000080000070000000800000009000000ff7f00000900000004000000040000000000000006000000050000000100000009000000080000007e0700000300000000800000bf16000002000006000000ffee00000001000000000000000010f7006305000000000000000000007f00000010080000000000000100008002000000080000000101000003000000ffffff7ffffffffff7ffffff0600000003000000a6060000ff0300000700000001800000090000000200000000000000040000000080ffff00020000070000000500000001000100000000800000af06060000002b0a000005000000010000000500000009000000040000000500000002000000ffffff7ff30000000800000002000000ffff0000ff070000810000004000000075fc000009000000fbffffff0500000000000000810000000100000080000000d05e0000020000001f00000000000000ff010000451e00002d00000000000000ff0000001000030008001000ff070000010000001800010039"], 0x8d0}}, 0x0)
sendmmsg$alg(r0, &(0x7f0000000200), 0x10efe10675dec16, 0x0)

[ 2588.069001] audit: type=1804 audit(1588638789.934:98): pid=24719 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1290/bus" dev="sda1" ino=17361 res=1
[ 2588.119060] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2588.132865] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2588.155141] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:33:10 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2588.184470] audit: type=1804 audit(1588638790.014:99): pid=24728 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1274/file0" dev="sda1" ino=17072 res=1
[ 2588.220021] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:33:10 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880), 0x0, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2588.254058] Process accounting resumed
[ 2588.281684] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2588.319823] minix_free_inode: bit 1 already cleared
00:33:10 executing program 2:
syz_mount_image$vfat(&(0x7f0000000040)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
ioctl$FITRIM(r0, 0x82307201, 0x0)
ioctl$RTC_AIE_OFF(r0, 0x7002)
r1 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='batadv0\x00', 0x10)
sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x6c, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_bond\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1}, @IPVS_SVC_ATTR_SCHED_NAME={0xa, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x56}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x53}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0xc000)
pipe2(&(0x7f00000001c0), 0x80800)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
r4 = getpid()
sched_setscheduler(r4, 0x5, &(0x7f0000000380))
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
ptrace$getsig(0x4202, 0x0, 0x0, &(0x7f0000000240))
ftruncate(r5, 0x200004)

[ 2588.323866] audit: type=1804 audit(1588638790.194:100): pid=24736 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1291/bus" dev="sda1" ino=17017 res=1
[ 2588.524325] audit: type=1800 audit(1588638790.394:101): pid=24748 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17063 res=0
[ 2588.561559] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2588.630818] minix_free_inode: bit 1 already cleared
00:33:12 executing program 0:
ftruncate(0xffffffffffffffff, 0x88001)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000040)={0x3ba}, 0x7)
r0 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r0, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xffffffff010)

00:33:12 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x1000000)

00:33:12 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6", 0x193, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2590.563666] audit: type=1800 audit(1588638792.434:102): pid=24762 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17053 res=0
[ 2590.598628] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2590.649777] minix_free_inode: bit 1 already cleared
00:33:12 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:12 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60104376c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:12 executing program 2:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000012c0)=[{&(0x7f0000000000)="a298d0ef7f9ec0de6e18290bb84ef303d951ff45dd9b2c882a183144b0beac69ed7aa5981eb09e7937129d3b78003560810939b3d8b6ce5c5b0aa071a48ba86245b721abf90b4e42ba577270bb645b117bfc03fe760a3812e31aaa11c2de4f9677401a6ee692cd2435775006f336c1419579bc893608597f0e81b9762c20b2784f8af955c81f286b2e1026e04c326f1f623d1862ae2006c81dfb71f9b0c3da3beb7aafc397bac8ce61e7aa0624e2cdd1b3b5f002a73f47968a2ee768a4b3810c6929d61a41d63d0e0743ee1db392edad87e2e86fd00e7e54d453939e7356", 0xde}, {&(0x7f0000000100)="daf82f37f8a52419d91abdca883fac3456297c17748489047725da4bd4d729e4d805f912c4f61752f6e87614b3c7768926790c08a38878601f558bf732ccef", 0x3f}, {&(0x7f0000000140)="e000bb3de9cf9dc4deb608d74d7297fea0646262fdd2939ae74078d224b69a31336bee0e85fd0704ad1a10e3cbd0d7d9553fb0158ea52a03600588fb57aeb842f8ae4f2d999af2f9bee1711e029bbe4b8b697c4468841abbc54567a418ed53972ac90a04ceb2974233038420bbaec99454a9b97222bd52cfbe6e90733f7109dc9c35d135123cdad966b8b9f5f262a66ace57b78e097d617d930e3d3189a8673336adcb34068e3b8961b60940dfa33c447a8c144392f24027355fe7633e769911493af707000000000000882d23f61d3fd373a53cba7af133963a676fbbe5d146", 0xe0}, {&(0x7f0000000240)="1e28000000008633dec75d2a6e30e311d489f5ff41733f553ebf70b6b68a3459f598f55a204f867c8e67ee6e2fa6725d61410c3704f851259dff3df1a0fbc897b6af57", 0x43}, {&(0x7f00000002c0)="a8c1a4de22b766c8ba1ee8aff5a692d474c4ee8563a0c658f4ff8e84a6ce35bcaef88cd5a8aefd1f94dbd858b1cc36a97c8eda0c7c41566a3b08f67b7b215633c67ac72621270770e1986660d95309e6bfabe76672cf758d5ff8fc2c7a30c28b23c9a2ef3c740853a76ee3182de6ec9b4407506d327c15506024dbc47bcd6771c9d07fc70264f16a3f074b438848b2b58268828f6a9c910d99b58072a318207468cf06c57c8efcc06940159851678f00a6a0c4199da6e0d78d3c739da224f7577808382271d5d4eee624d9a95697f6297b073f47266c1cda99b854c2d6267b496e2ad369a9469a3e3f6266a8dc889db4c914657d99689d669e17817b1b27f4ce8090d2d155676eb8704d20ba267cf8f0da80eb89b628b0798cb1363ba6dd1da7873b3b77acddadcefc7d77efa3fc5a2def7be7af1b888ffedbd2c5a8f576aaecb254db4ca37be1bbcc9e05c80f150996ab989f7ec0525a725eef1d6467de0024f7a276b83d4b25b43e7586a2567e90c8141e2050a77e6db7a3d5077e0a26a5ce0c630aeb2b7e087fcda58d60df3693acd86ee86c1a9a8fba7544d5fddbca7bb53aa2233058fef13bc60bd83ec472d78f05dc0e78cf592b32919e5352732bcd47ba9c9226c00874378e1c40f0ff1fb80695aa91e08aa50c82ba1b2a68e5e0f8ac32bbe7e3846be7a9efdc4a4603fd5cdb31d1694903bb8fd48cb9b85c3e2d6b633cf7385c9ad83c110bdbd2fc6c4ebd2f36f04cb7a39c0e4afb8f75d048aa447e23b97d818b4fea2bbe48446e993cb95acd6a0399a21a0d91e0d0066ceee56f99822d3a571d4a2f015b3d13d1dff96efc124f54183e4477aa52824d5de5b41bb2585076c136271b1591479f120bfab275e8e528da5803a41ab3ccf92d718c3a3fc0a0f4c9fea59e01937c2db94a41cf225ce76f872d82e84387c3210881356a59279f940a94220b7152dba4af50e5b13b6122089600cd8c5033c338536e87fefa59a7cc4bedd7acd2a075b7803860c6124f0a0ac5a2d559d55b6ae1bcbe669081d6147194457b104c89055fb2b197967a15b54a51801578805f6f4eed5f2472c5aa3897e5d8ff7cf915a1520ac3cd2e12030010d6027bb0ca4d7f79752163a636376e13be8d788bf56fd539cc683fd3c0856300a4eea82a83e3120b1a9415852785a0d4addf3d594df34678e3f48c9939aee8abd4c0bab1ce18ddb82ef9d3c8ef8de520aa7facfce8f7723d73d9dea5f63343d92de9e7a0a7c6c78345f028a23ab1245cd4b705d2a0972bbc9d29cbb929bba8500f528da37ad35824222ff52e8176373413020f3db4e18d8c301e8bcb16f1c61e545cee9569616f400c8d5109a8ddd8da46e22581cac6ba668fd1ff4f12197af773c95a8f50a8a7f4c1a6dd2ed37659f63544ab54267be9cac1f2511368efbf818c2ed53685905f033a7d2d4cd01d38e6a35071513f8b37ae136037b377a2b9b0663e04310e9868f3c5359115e8ae9626d0de77b23fe78d707894d9693be0c84f9d649afa4610993e1ead61eb067b6d46850fd5521a602d590e18f1f1b6f9efead7696f12e507aca2b61160efd630e64446adfccbbda9ebd9257db602fedfda9dc4478ef7f8786d43861d1e5dc9afb1c4657dd4125fef0b351c82aa836fa5b5bdffefc597b2719e98aa8298653c57f5006e59818ffeb8e729031b9ef141d1cb50725779b98f372eea72e53a3e24666888547c770326b100824b0640c7f28d05b23249863f3597bfe7d71b0c3e10b30d43f618685c22ccd5613e0376ff8abae6e023b82deedcea9cf14cf75dab3b0883c915ae39478861340e54202e68aef226cfe670dcc28403c48b1c9b5e310d1e6e049d3eebd7d2834fe82c25fca365f3b85cc9a6374d0ea9c8492ede255a4050525c951974e6844b6f4cefb543dc00bcc6bec69a8756b189af1bb9338ab69bef90d4c3d7e569278759b665843f72f2d641bc46c15dc7193c2260fa8923ed3a6df2982a3cd28366cdb13aabc5f1dee32cb055b30da757f572fa25ca3207d1081079629d3c49138af8e9818d371bd2132402cac0280a4fa7dc701623d7e48e7e26f275d01f5462b10275a2c4508a3171674095723b1d1fcaed34467374a87a7816eada6a381b27d661535d10a2d536f9b8031d9684bce2307af1f7913431f876c2eef9e333f6e2d06976cc10d7c3739d0127d8260443a3a8f7a1409ca529d74587cc6cb10cf2a6883e69535c1beb704b8716e1cef7cd3c7f7977118f0a53cf1abfe9eea074fa5dc8f8738a3c80f28e4900d2de8b6b4ff976e34faac91d0214f939a2690e38ebc6e2e937c27bf0e70258559ff713c709f301907b1fecf69a282189fd129bbe749caea6ac9af5d3f25fcd03bd90fcc5371994000cd0e70cb1f85a507335658960c1b722cc093ebb23becaf7fb51cb0c4f2e1a369ba092ed27f202fa684977bdf4c7f892b59693dadae26d59c3b6bd5e164cda1e45fcbfe2ad54e0222ca512464d7c0fd52351c81df718202ed3eac92fcfce9874f9fedfa907118defb971761713ba9a17a4f413302572c9411261515dec861aff54e8b24a15e7da058a7c549e086955a97aed47dc6d1c654b3affb6384b283e4825406e695afc2358cb0dfa3654ef0854dbb615050add8a009f0da7cd63d74864e9bf81992b2d97cdc9e88dc5b2d85aabf2a3caf8c9a674005ed922f421c65a3c36ff9edb775179a844e99aff1bdae5c7b8d20b834576f0da791b2e33af205f53aa71acbb65044dfc862ae8b2b4210e39d0eddf124b673d853cc972bfad5bccbe28b07676b674ed0125d2601ac944b7af0ad4840d041bf3b01fb7c7145060f1eef290e27d198c58f1c2b1c190809178dfb3ba9e42ee0afbed84d0ee00299990712712425ac682f68636fb7b1b3690b9799a8167bb970b2dc7cbf8bea498bbb7e280a5bf9d888fa118393d7b874e1a9bfcb771bed2578aefed62f057e6325025a438d15f228992a536e2449f53b527766191b618846afa4c6cea46fd819f79f983409db03440be31fa97440dc82fbfa5f0ecd1695bd0fcec8f49f4d0cb38d38cba95cc9182af33f9d16f494a6d7b38a82834043b1d55ee6309b297b9b5be05c9863cb330d37bb9012d5a6ca9773381feebbefa6a239fb4ae1719893ee2eb578b1d71bcb4c1fb8329b97623cbcb144d53e08531a478073193d9f7bffa82a3c656526d7f7132b4b0b5e884121695170df1eeb329a9767d265c40fd73a91ce1f3c6dd68137c5665bb1339a9a78fb9f824ea5b7d76415d90622289745ded7e159ed931378f49604e4ca1c1a1a6db2cfd5c71744197f19abbce8c61fbe7915caa7ac0ae4305eecda87adcb80b5a097714063aefd4089ff897839085e0ea552d436e99ed78a571b39b0eee609d10b9c7c3b2da4be02d23ca3494a7e445ad2be7ceb93bfa8ff43bbe044aea346bb610351773d342f2e1f5d0cad573673ac9466ec64645a35f88f4447230a5780ebd7543b55e137053a08a7838657882c686994145fd698cb171d2c5ce9257790f9f3a4502f4e165076c2c7e6770d788939918ec926f8989df240c1bc981d9d8c392bf165c888e0e247802b7a9a48b2f03b245c5b577619b5f60e50e7aca22e36ae6265e3def2d97cb4825c7bda34150021c673d14c4e2130cf4edf7d27d63475bd478b6c2cd4ee406bb9c4d7b41fcc07868ba2b8cef4a640423140b2614bf4e13bc7811ed225a7369e148ddd7a3686088fa5a3211a47762021762667a8d09c6805c058cbdfde8336ee06008bec9d5ba585bb452827a955bf0a0caac5ad5ade021c03479026ab5f36c4dc79248f4384c24c39c43863d170c1452037e62700b55abda1dfb963ca8d75a770d5e3ebf9d8fbf0c3e15bdafe1540d04d5cb376a5f0fc6d44fc800eaee565d1acca2c2bb21a06de06a73198faf763299eedcb1604247d2dd0793253b97be8d1b42620a2d8a8c707c477e1b250ecbc2554c7d70aad1e69bad2a7947b4631f96ca8384c229e13c6ca9c812b6c80c9f547f0a214be75cb874cee77c8a68a56845b06cf42966575b0755561b7d191fbb6477ee51fe312980ca8efed2397eddfe8eae9992318354bcc2bdd95905b400c387e538ad98ebdd120818b35256fc00f5d84375f3c99d167e246eda1b2a972e1fc2b840ae55608a76603387b2aef4efd6f2e23a867ae637a8c7b21ddef4c218f9f85a1b700c24ac43a62d3bb04ac12cec14b44b9a01f3f5ec3f010761692f2a207ccc2ba86c2d1f3a9f78d301c897fac28131ce0960de4ea4bcf2bb1d823ce57d4b98d9d1edacef8c567e1582e6edd2a1572769b9b124c87d10184ccdda6adef747815fb492afa69849e6c0fddd2f95626b4dce85e3e92d986c34ef6f77b1401490698f521619a2f1dba7efcb06972e140b81fd7192226fef518cbb7aeb14f1858c51cc3676033e1aeec66bb3a40b284434662f98f68a602d331954b3499a1a3d5e73bc145c5466bfa3e81b1648334ccb0badacf551d93be02e6f55c817390f0deac63b47702ce472539c249de8797c35db5f06bbf0522102df1b5f14a1f958f4f906ed619b3a354a653fc40b014e3681da4138f2147585353d01604c55c2232f03761bc6280bb97649458dc45e51639901ddd5e97141e7789654cb557c5df2ea624cdd28df0dbf7065f16bbe87382f51ca132a21c525f91450f3c19bbffef9e7f45ba6cc29bd7974572e13e20a8242396e54e09e74303e65a588fb7dacbf83a367401805ef43f9f36dbcfdef5a65079d2e5d0b510d38ba0fd1461a095ab50e61aefa5daed2d56a41cd581fe0b583d27fa0ceb4d6630090ae96364587d8b3d6ea9a81e49f42c770fbda5d929b67acbab007e1f87e3d3e90d2696bfad2df55d3a04a15cef7dcae91afae16ebdf30bda154be56bb65adc888ecc7aab8a2b60834e0acc9b105ec19d2f490dded98927ff7e7a293991fe4eff7f7083e98cabf0111bd6612efd1ddf2878d4df154b74855b8fc73786ae4633f8adee42360b85c8d712651418c2a4afcb848ab1d06794a6b33e5cd9dd2580f17b5872283cf6080a03128ace583374672699f428ba30c5cecea0d9c3ff6a8bf1fa9b9765e8f7c1134a3bf0599fd4ccb936adede7889c415a68105d4354a78e43ee7b5e529d97f2b3fe25235072ef9fefdc4118ee7c801f62d57668918b30ed39a527a591926fa4b947a1a01008346850999da94573322b66e1642376806c7886f60dd30c9cc094da8c14a1997340f98e0306b79583701690e6ade214887611a4c9de33b6990d6f422422ea68a8c3169ece276b2335d5caedf4c6947dc62a78f4d47050de4913733adbc565b5ea8f6734aaf9ae02455e1fd0ccc1d6a130840ab19d2b5fca2b96cf05863a2c2aec0da1148b1dd7b09c14932d9c24c8658fd7c7c6bfe98640b32a873a3602decbafe6d9244621ac6e78ed1aeb6220c69e5d898accca8a7a1a2d7f9ce801bee84b7051eb37996f2fe0423eece74cea49cdb836f8eb30b0132a9ce06210891e451b25e2986a4ae4da751e761b85b91ad656029f31ff7121404508387fff0144cc12fe4ddcb4d0fa9a96cfb317d8dcde96ee19ff777c46f3e6290d4dfe13a117d83506ef60a8163cd992eb9266f5445f0a725e8424753f002b1946191b7786f18d97ef75936848d6b3b5b4a455ac7a1e3fc5a60f031f99b79acf7bb361085c9e6ea2b7ba46f00482263a080f9e4ed5dc43853dde634031d1806dbf63537d0ac1733390be5ee3dc981cce882ea2992ac21f87d146ea39934798833ac785100"/4096, 0x1000}], 0x5, 0x4)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x24)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r1, 0x0, 0x0)

00:33:12 executing program 0:
ftruncate(0xffffffffffffffff, 0x88001)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000040)={0x3ba}, 0x7)
r0 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r0, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xffffffff010)

00:33:12 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6", 0x193, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2591.080551] audit: type=1800 audit(1588638792.954:103): pid=24781 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17373 res=0
[ 2591.113683] MINIX-fs: mounting unchecked file system, running fsck is recommended
00:33:13 executing program 0:
ftruncate(0xffffffffffffffff, 0x88001)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000040)={0x3ba}, 0x7)
r0 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r0, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xffffffff010)

[ 2591.149297] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2591.158386] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2591.186952] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:33:13 executing program 2:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
vmsplice(0xffffffffffffffff, &(0x7f00000012c0)=[{&(0x7f0000000000)="a298d0ef7f9ec0de6e18290bb84ef303d951ff45dd9b2c882a183144b0beac69ed7aa5981eb09e7937129d3b78003560810939b3d8b6ce5c5b0aa071a48ba86245b721abf90b4e42ba577270bb645b117bfc03fe760a3812e31aaa11c2de4f9677401a6ee692cd2435775006f336c1419579bc893608597f0e81b9762c20b2784f8af955c81f286b2e1026e04c326f1f623d1862ae2006c81dfb71f9b0c3da3beb7aafc397bac8ce61e7aa0624e2cdd1b3b5f002a73f47968a2ee768a4b3810c6929d61a41d63d0e0743ee1db392edad87e2e86fd00e7e54d453939e7356", 0xde}, {&(0x7f0000000100)="daf82f37f8a52419d91abdca883fac3456297c17748489047725da4bd4d729e4d805f912c4f61752f6e87614b3c7768926790c08a38878601f558bf732ccef", 0x3f}, {&(0x7f0000000140)="e000bb3de9cf9dc4deb608d74d7297fea0646262fdd2939ae74078d224b69a31336bee0e85fd0704ad1a10e3cbd0d7d9553fb0158ea52a03600588fb57aeb842f8ae4f2d999af2f9bee1711e029bbe4b8b697c4468841abbc54567a418ed53972ac90a04ceb2974233038420bbaec99454a9b97222bd52cfbe6e90733f7109dc9c35d135123cdad966b8b9f5f262a66ace57b78e097d617d930e3d3189a8673336adcb34068e3b8961b60940dfa33c447a8c144392f24027355fe7633e769911493af707000000000000882d23f61d3fd373a53cba7af133963a676fbbe5d146", 0xe0}, {&(0x7f0000000240)="1e28000000008633dec75d2a6e30e311d489f5ff41733f553ebf70b6b68a3459f598f55a204f867c8e67ee6e2fa6725d61410c3704f851259dff3df1a0fbc897b6af57", 0x43}, {&(0x7f00000002c0)="a8c1a4de22b766c8ba1ee8aff5a692d474c4ee8563a0c658f4ff8e84a6ce35bcaef88cd5a8aefd1f94dbd858b1cc36a97c8eda0c7c41566a3b08f67b7b215633c67ac72621270770e1986660d95309e6bfabe76672cf758d5ff8fc2c7a30c28b23c9a2ef3c740853a76ee3182de6ec9b4407506d327c15506024dbc47bcd6771c9d07fc70264f16a3f074b438848b2b58268828f6a9c910d99b58072a318207468cf06c57c8efcc06940159851678f00a6a0c4199da6e0d78d3c739da224f7577808382271d5d4eee624d9a95697f6297b073f47266c1cda99b854c2d6267b496e2ad369a9469a3e3f6266a8dc889db4c914657d99689d669e17817b1b27f4ce8090d2d155676eb8704d20ba267cf8f0da80eb89b628b0798cb1363ba6dd1da7873b3b77acddadcefc7d77efa3fc5a2def7be7af1b888ffedbd2c5a8f576aaecb254db4ca37be1bbcc9e05c80f150996ab989f7ec0525a725eef1d6467de0024f7a276b83d4b25b43e7586a2567e90c8141e2050a77e6db7a3d5077e0a26a5ce0c630aeb2b7e087fcda58d60df3693acd86ee86c1a9a8fba7544d5fddbca7bb53aa2233058fef13bc60bd83ec472d78f05dc0e78cf592b32919e5352732bcd47ba9c9226c00874378e1c40f0ff1fb80695aa91e08aa50c82ba1b2a68e5e0f8ac32bbe7e3846be7a9efdc4a4603fd5cdb31d1694903bb8fd48cb9b85c3e2d6b633cf7385c9ad83c110bdbd2fc6c4ebd2f36f04cb7a39c0e4afb8f75d048aa447e23b97d818b4fea2bbe48446e993cb95acd6a0399a21a0d91e0d0066ceee56f99822d3a571d4a2f015b3d13d1dff96efc124f54183e4477aa52824d5de5b41bb2585076c136271b1591479f120bfab275e8e528da5803a41ab3ccf92d718c3a3fc0a0f4c9fea59e01937c2db94a41cf225ce76f872d82e84387c3210881356a59279f940a94220b7152dba4af50e5b13b6122089600cd8c5033c338536e87fefa59a7cc4bedd7acd2a075b7803860c6124f0a0ac5a2d559d55b6ae1bcbe669081d6147194457b104c89055fb2b197967a15b54a51801578805f6f4eed5f2472c5aa3897e5d8ff7cf915a1520ac3cd2e12030010d6027bb0ca4d7f79752163a636376e13be8d788bf56fd539cc683fd3c0856300a4eea82a83e3120b1a9415852785a0d4addf3d594df34678e3f48c9939aee8abd4c0bab1ce18ddb82ef9d3c8ef8de520aa7facfce8f7723d73d9dea5f63343d92de9e7a0a7c6c78345f028a23ab1245cd4b705d2a0972bbc9d29cbb929bba8500f528da37ad35824222ff52e8176373413020f3db4e18d8c301e8bcb16f1c61e545cee9569616f400c8d5109a8ddd8da46e22581cac6ba668fd1ff4f12197af773c95a8f50a8a7f4c1a6dd2ed37659f63544ab54267be9cac1f2511368efbf818c2ed53685905f033a7d2d4cd01d38e6a35071513f8b37ae136037b377a2b9b0663e04310e9868f3c5359115e8ae9626d0de77b23fe78d707894d9693be0c84f9d649afa4610993e1ead61eb067b6d46850fd5521a602d590e18f1f1b6f9efead7696f12e507aca2b61160efd630e64446adfccbbda9ebd9257db602fedfda9dc4478ef7f8786d43861d1e5dc9afb1c4657dd4125fef0b351c82aa836fa5b5bdffefc597b2719e98aa8298653c57f5006e59818ffeb8e729031b9ef141d1cb50725779b98f372eea72e53a3e24666888547c770326b100824b0640c7f28d05b23249863f3597bfe7d71b0c3e10b30d43f618685c22ccd5613e0376ff8abae6e023b82deedcea9cf14cf75dab3b0883c915ae39478861340e54202e68aef226cfe670dcc28403c48b1c9b5e310d1e6e049d3eebd7d2834fe82c25fca365f3b85cc9a6374d0ea9c8492ede255a4050525c951974e6844b6f4cefb543dc00bcc6bec69a8756b189af1bb9338ab69bef90d4c3d7e569278759b665843f72f2d641bc46c15dc7193c2260fa8923ed3a6df2982a3cd28366cdb13aabc5f1dee32cb055b30da757f572fa25ca3207d1081079629d3c49138af8e9818d371bd2132402cac0280a4fa7dc701623d7e48e7e26f275d01f5462b10275a2c4508a3171674095723b1d1fcaed34467374a87a7816eada6a381b27d661535d10a2d536f9b8031d9684bce2307af1f7913431f876c2eef9e333f6e2d06976cc10d7c3739d0127d8260443a3a8f7a1409ca529d74587cc6cb10cf2a6883e69535c1beb704b8716e1cef7cd3c7f7977118f0a53cf1abfe9eea074fa5dc8f8738a3c80f28e4900d2de8b6b4ff976e34faac91d0214f939a2690e38ebc6e2e937c27bf0e70258559ff713c709f301907b1fecf69a282189fd129bbe749caea6ac9af5d3f25fcd03bd90fcc5371994000cd0e70cb1f85a507335658960c1b722cc093ebb23becaf7fb51cb0c4f2e1a369ba092ed27f202fa684977bdf4c7f892b59693dadae26d59c3b6bd5e164cda1e45fcbfe2ad54e0222ca512464d7c0fd52351c81df718202ed3eac92fcfce9874f9fedfa907118defb971761713ba9a17a4f413302572c9411261515dec861aff54e8b24a15e7da058a7c549e086955a97aed47dc6d1c654b3affb6384b283e4825406e695afc2358cb0dfa3654ef0854dbb615050add8a009f0da7cd63d74864e9bf81992b2d97cdc9e88dc5b2d85aabf2a3caf8c9a674005ed922f421c65a3c36ff9edb775179a844e99aff1bdae5c7b8d20b834576f0da791b2e33af205f53aa71acbb65044dfc862ae8b2b4210e39d0eddf124b673d853cc972bfad5bccbe28b07676b674ed0125d2601ac944b7af0ad4840d041bf3b01fb7c7145060f1eef290e27d198c58f1c2b1c190809178dfb3ba9e42ee0afbed84d0ee00299990712712425ac682f68636fb7b1b3690b9799a8167bb970b2dc7cbf8bea498bbb7e280a5bf9d888fa118393d7b874e1a9bfcb771bed2578aefed62f057e6325025a438d15f228992a536e2449f53b527766191b618846afa4c6cea46fd819f79f983409db03440be31fa97440dc82fbfa5f0ecd1695bd0fcec8f49f4d0cb38d38cba95cc9182af33f9d16f494a6d7b38a82834043b1d55ee6309b297b9b5be05c9863cb330d37bb9012d5a6ca9773381feebbefa6a239fb4ae1719893ee2eb578b1d71bcb4c1fb8329b97623cbcb144d53e08531a478073193d9f7bffa82a3c656526d7f7132b4b0b5e884121695170df1eeb329a9767d265c40fd73a91ce1f3c6dd68137c5665bb1339a9a78fb9f824ea5b7d76415d90622289745ded7e159ed931378f49604e4ca1c1a1a6db2cfd5c71744197f19abbce8c61fbe7915caa7ac0ae4305eecda87adcb80b5a097714063aefd4089ff897839085e0ea552d436e99ed78a571b39b0eee609d10b9c7c3b2da4be02d23ca3494a7e445ad2be7ceb93bfa8ff43bbe044aea346bb610351773d342f2e1f5d0cad573673ac9466ec64645a35f88f4447230a5780ebd7543b55e137053a08a7838657882c686994145fd698cb171d2c5ce9257790f9f3a4502f4e165076c2c7e6770d788939918ec926f8989df240c1bc981d9d8c392bf165c888e0e247802b7a9a48b2f03b245c5b577619b5f60e50e7aca22e36ae6265e3def2d97cb4825c7bda34150021c673d14c4e2130cf4edf7d27d63475bd478b6c2cd4ee406bb9c4d7b41fcc07868ba2b8cef4a640423140b2614bf4e13bc7811ed225a7369e148ddd7a3686088fa5a3211a47762021762667a8d09c6805c058cbdfde8336ee06008bec9d5ba585bb452827a955bf0a0caac5ad5ade021c03479026ab5f36c4dc79248f4384c24c39c43863d170c1452037e62700b55abda1dfb963ca8d75a770d5e3ebf9d8fbf0c3e15bdafe1540d04d5cb376a5f0fc6d44fc800eaee565d1acca2c2bb21a06de06a73198faf763299eedcb1604247d2dd0793253b97be8d1b42620a2d8a8c707c477e1b250ecbc2554c7d70aad1e69bad2a7947b4631f96ca8384c229e13c6ca9c812b6c80c9f547f0a214be75cb874cee77c8a68a56845b06cf42966575b0755561b7d191fbb6477ee51fe312980ca8efed2397eddfe8eae9992318354bcc2bdd95905b400c387e538ad98ebdd120818b35256fc00f5d84375f3c99d167e246eda1b2a972e1fc2b840ae55608a76603387b2aef4efd6f2e23a867ae637a8c7b21ddef4c218f9f85a1b700c24ac43a62d3bb04ac12cec14b44b9a01f3f5ec3f010761692f2a207ccc2ba86c2d1f3a9f78d301c897fac28131ce0960de4ea4bcf2bb1d823ce57d4b98d9d1edacef8c567e1582e6edd2a1572769b9b124c87d10184ccdda6adef747815fb492afa69849e6c0fddd2f95626b4dce85e3e92d986c34ef6f77b1401490698f521619a2f1dba7efcb06972e140b81fd7192226fef518cbb7aeb14f1858c51cc3676033e1aeec66bb3a40b284434662f98f68a602d331954b3499a1a3d5e73bc145c5466bfa3e81b1648334ccb0badacf551d93be02e6f55c817390f0deac63b47702ce472539c249de8797c35db5f06bbf0522102df1b5f14a1f958f4f906ed619b3a354a653fc40b014e3681da4138f2147585353d01604c55c2232f03761bc6280bb97649458dc45e51639901ddd5e97141e7789654cb557c5df2ea624cdd28df0dbf7065f16bbe87382f51ca132a21c525f91450f3c19bbffef9e7f45ba6cc29bd7974572e13e20a8242396e54e09e74303e65a588fb7dacbf83a367401805ef43f9f36dbcfdef5a65079d2e5d0b510d38ba0fd1461a095ab50e61aefa5daed2d56a41cd581fe0b583d27fa0ceb4d6630090ae96364587d8b3d6ea9a81e49f42c770fbda5d929b67acbab007e1f87e3d3e90d2696bfad2df55d3a04a15cef7dcae91afae16ebdf30bda154be56bb65adc888ecc7aab8a2b60834e0acc9b105ec19d2f490dded98927ff7e7a293991fe4eff7f7083e98cabf0111bd6612efd1ddf2878d4df154b74855b8fc73786ae4633f8adee42360b85c8d712651418c2a4afcb848ab1d06794a6b33e5cd9dd2580f17b5872283cf6080a03128ace583374672699f428ba30c5cecea0d9c3ff6a8bf1fa9b9765e8f7c1134a3bf0599fd4ccb936adede7889c415a68105d4354a78e43ee7b5e529d97f2b3fe25235072ef9fefdc4118ee7c801f62d57668918b30ed39a527a591926fa4b947a1a01008346850999da94573322b66e1642376806c7886f60dd30c9cc094da8c14a1997340f98e0306b79583701690e6ade214887611a4c9de33b6990d6f422422ea68a8c3169ece276b2335d5caedf4c6947dc62a78f4d47050de4913733adbc565b5ea8f6734aaf9ae02455e1fd0ccc1d6a130840ab19d2b5fca2b96cf05863a2c2aec0da1148b1dd7b09c14932d9c24c8658fd7c7c6bfe98640b32a873a3602decbafe6d9244621ac6e78ed1aeb6220c69e5d898accca8a7a1a2d7f9ce801bee84b7051eb37996f2fe0423eece74cea49cdb836f8eb30b0132a9ce06210891e451b25e2986a4ae4da751e761b85b91ad656029f31ff7121404508387fff0144cc12fe4ddcb4d0fa9a96cfb317d8dcde96ee19ff777c46f3e6290d4dfe13a117d83506ef60a8163cd992eb9266f5445f0a725e8424753f002b1946191b7786f18d97ef75936848d6b3b5b4a455ac7a1e3fc5a60f031f99b79acf7bb361085c9e6ea2b7ba46f00482263a080f9e4ed5dc43853dde634031d1806dbf63537d0ac1733390be5ee3dc981cce882ea2992ac21f87d146ea39934798833ac785100"/4096, 0x1000}], 0x5, 0x4)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x24)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r1, 0x0, 0x0)

[ 2591.197553] minix_free_inode: bit 1 already cleared
00:33:13 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6", 0x193, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2591.273293] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:13 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60104386c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:13 executing program 0:
r0 = open(0x0, 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2591.381131] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2591.408837] audit: type=1800 audit(1588638793.274:104): pid=24806 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17053 res=0
[ 2591.452947] minix_free_inode: bit 1 already cleared
[ 2591.528631] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2591.544157] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2591.555634] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2591.582365] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:15 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xe000000)

00:33:15 executing program 0:
r0 = open(0x0, 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:15 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:15 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64f", 0x25d, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:15 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601003f6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:15 executing program 0:
r0 = open(0x0, 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2594.108725] audit: type=1800 audit(1588638795.974:105): pid=24842 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17079 res=0
[ 2594.132236] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:33:16 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2594.154216] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2594.165993] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2594.175954] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2594.200407] minix_free_inode: bit 1 already cleared
00:33:16 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64f", 0x25d, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2594.207852] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:16 executing program 2 (fault-call:5 fault-nth:0):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:16 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:16 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100406c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2594.355945] audit: type=1800 audit(1588638796.224:106): pid=24859 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17372 res=0
[ 2594.385168] FAULT_INJECTION: forcing a failure.
[ 2594.385168] name failslab, interval 1, probability 0, space 0, times 0
[ 2594.407637] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2594.410764] CPU: 0 PID: 24860 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2594.423448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2594.432907] Call Trace:
[ 2594.435535]  dump_stack+0x188/0x20d
[ 2594.439277]  should_fail.cold+0xa/0x1b
[ 2594.443179]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2594.448296]  ? __lock_is_held+0xad/0x140
[ 2594.452393]  __should_failslab+0x115/0x180
00:33:16 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2594.456651]  should_failslab+0x5/0xf
[ 2594.460381]  kmem_cache_alloc_trace+0x2c6/0x7a0
[ 2594.465076]  alloc_pipe_info+0xb8/0x410
[ 2594.469076]  splice_direct_to_actor+0x6df/0x8d0
[ 2594.473758]  ? __inode_security_revalidate+0xd3/0x120
[ 2594.478962]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2594.483814]  ? avc_policy_seqno+0x9/0x70
[ 2594.488421]  ? selinux_file_permission+0x87/0x520
[ 2594.493285]  ? do_splice_to+0x160/0x160
[ 2594.497274]  ? security_file_permission+0x84/0x220
[ 2594.502264]  do_splice_direct+0x1a8/0x270
[ 2594.506416]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2594.511274]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2594.516304]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2594.521072]  do_sendfile+0x549/0xc10
[ 2594.524803]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2594.529402]  ? wait_for_completion+0x3c0/0x3c0
[ 2594.533989]  ? vfs_write+0x15b/0x550
[ 2594.537704]  __x64_sys_sendfile64+0x1cc/0x210
[ 2594.542193]  ? __ia32_sys_sendfile+0x220/0x220
[ 2594.546779]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2594.551802]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2594.556571]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2594.561593]  ? do_syscall_64+0x21/0x620
[ 2594.565684]  do_syscall_64+0xf9/0x620
[ 2594.569581]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2594.574778] RIP: 0033:0x45c829
[ 2594.577987] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2594.596905] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2594.604629] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2594.611907] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2594.619172] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2594.626445] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2594.633722] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
[ 2594.671331] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2594.681238] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2594.701873] minix_free_inode: bit 1 already cleared
[ 2594.706684] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2594.728475] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:18 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x20000000)

00:33:18 executing program 2 (fault-call:5 fault-nth:1):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2596.635492] FAULT_INJECTION: forcing a failure.
[ 2596.635492] name failslab, interval 1, probability 0, space 0, times 0
[ 2596.654643] CPU: 1 PID: 24885 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2596.662597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2596.671960] Call Trace:
[ 2596.674559]  dump_stack+0x188/0x20d
[ 2596.678208]  should_fail.cold+0xa/0x1b
[ 2596.682098]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2596.687196]  ? __lock_is_held+0xad/0x140
[ 2596.691258]  __should_failslab+0x115/0x180
[ 2596.695491]  should_failslab+0x5/0xf
[ 2596.699202]  __kmalloc+0x2d3/0x770
[ 2596.702751]  ? kmem_cache_alloc_trace+0x342/0x7a0
[ 2596.707596]  ? alloc_pipe_info+0x18e/0x410
[ 2596.711849]  alloc_pipe_info+0x18e/0x410
[ 2596.715904]  splice_direct_to_actor+0x6df/0x8d0
[ 2596.720581]  ? __inode_security_revalidate+0xd3/0x120
[ 2596.725767]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2596.730601]  ? avc_policy_seqno+0x9/0x70
[ 2596.734674]  ? selinux_file_permission+0x87/0x520
[ 2596.739516]  ? do_splice_to+0x160/0x160
[ 2596.743493]  ? security_file_permission+0x84/0x220
[ 2596.748442]  do_splice_direct+0x1a8/0x270
[ 2596.752606]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2596.757456]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2596.762482]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2596.767241]  do_sendfile+0x549/0xc10
[ 2596.771401]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2596.776023]  ? wait_for_completion+0x3c0/0x3c0
[ 2596.780624]  ? vfs_write+0x15b/0x550
[ 2596.784333]  __x64_sys_sendfile64+0x1cc/0x210
[ 2596.788819]  ? __ia32_sys_sendfile+0x220/0x220
[ 2596.793389]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2596.798408]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2596.803167]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2596.808221]  ? do_syscall_64+0x21/0x620
[ 2596.812198]  do_syscall_64+0xf9/0x620
[ 2596.816002]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2596.821198] RIP: 0033:0x45c829
[ 2596.824389] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2596.843340] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2596.851309] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2596.858583] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2596.865859] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2596.873160] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2596.880433] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:18 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:18 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(0xffffffffffffffff, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:18 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64f", 0x25d, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:18 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100486c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:18 executing program 2 (fault-call:5 fault-nth:2):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2597.143065] audit: type=1800 audit(1588638799.014:107): pid=24901 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17383 res=0
[ 2597.171046] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2597.184491] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2597.212688] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2597.230487] FAULT_INJECTION: forcing a failure.
[ 2597.230487] name failslab, interval 1, probability 0, space 0, times 0
[ 2597.256147] audit: type=1804 audit(1588638799.124:108): pid=24910 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1301/bus" dev="sda1" ino=17391 res=1
[ 2597.256465] CPU: 1 PID: 24909 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2597.287976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2597.290425] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2597.297353] Call Trace:
[ 2597.297387]  dump_stack+0x188/0x20d
[ 2597.297409]  should_fail.cold+0xa/0x1b
[ 2597.297432]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2597.297454]  ? __lock_is_held+0xad/0x140
[ 2597.325735]  __should_failslab+0x115/0x180
[ 2597.330008]  should_failslab+0x5/0xf
[ 2597.333844]  kmem_cache_alloc_node_trace+0x272/0x750
[ 2597.338975]  ? lock_downgrade+0x740/0x740
[ 2597.343157]  __kmalloc_node+0x38/0x70
[ 2597.346982]  kvmalloc_node+0x61/0xf0
[ 2597.350719]  iov_iter_get_pages_alloc+0x55a/0x1090
[ 2597.355667]  ? __kernel_text_address+0x9/0x30
[ 2597.360182]  ? unwind_get_return_address+0x5a/0xa0
[ 2597.365134]  ? __save_stack_trace+0x8a/0xf0
[ 2597.369475]  ? iov_iter_revert+0xa30/0xa30
[ 2597.373756]  ? iov_iter_pipe+0xb4/0x2c0
[ 2597.377764]  default_file_splice_read+0x19c/0x970
[ 2597.382635]  ? kasan_kmalloc+0xbf/0xe0
[ 2597.384565] minix_free_inode: bit 1 already cleared
[ 2597.386538]  ? __kmalloc+0x15b/0x770
[ 2597.393086] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2597.395291]  ? do_splice_direct+0x1a8/0x270
[ 2597.407760]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2597.412456]  ? do_syscall_64+0xf9/0x620
[ 2597.416454]  ? iter_file_splice_write+0xb30/0xb30
[ 2597.421342]  ? mark_held_locks+0xf0/0xf0
[ 2597.425439]  ? mark_held_locks+0xf0/0xf0
[ 2597.429512]  ? mark_held_locks+0xf0/0xf0
[ 2597.433579]  ? fsnotify+0x8ba/0xf00
[ 2597.437234]  ? fsnotify_first_mark+0x200/0x200
[ 2597.441829]  ? __inode_security_revalidate+0xd3/0x120
[ 2597.447031]  ? security_file_permission+0x1c0/0x220
[ 2597.452069]  ? security_file_permission+0x84/0x220
[ 2597.457014]  ? rw_verify_area+0x10c/0x330
[ 2597.461175]  ? iter_file_splice_write+0xb30/0xb30
[ 2597.466030]  do_splice_to+0x10e/0x160
[ 2597.469852]  splice_direct_to_actor+0x2b9/0x8d0
[ 2597.474537]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2597.479397]  ? do_splice_to+0x160/0x160
[ 2597.483394]  do_splice_direct+0x1a8/0x270
[ 2597.487558]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2597.492435]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2597.497485]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2597.502262]  do_sendfile+0x549/0xc10
[ 2597.506003]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2597.510601]  ? wait_for_completion+0x3c0/0x3c0
[ 2597.515203]  ? vfs_write+0x15b/0x550
[ 2597.518933]  __x64_sys_sendfile64+0x1cc/0x210
[ 2597.523449]  ? __ia32_sys_sendfile+0x220/0x220
[ 2597.528137]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2597.533163]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2597.537924]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2597.542951]  ? do_syscall_64+0x21/0x620
[ 2597.546974]  do_syscall_64+0xf9/0x620
[ 2597.550792]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2597.555999] RIP: 0033:0x45c829
[ 2597.559200] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2597.578646] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2597.586374] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2597.593765] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2597.601044] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2597.608325] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2597.615619] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:19 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601004c6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:19 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(0xffffffffffffffff, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:19 executing program 2 (fault-call:5 fault-nth:3):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2597.735514] FAULT_INJECTION: forcing a failure.
[ 2597.735514] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2597.753516] CPU: 0 PID: 24918 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2597.761454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2597.770832] Call Trace:
[ 2597.773452]  dump_stack+0x188/0x20d
[ 2597.777110]  should_fail.cold+0xa/0x1b
[ 2597.781025]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2597.786167]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2597.790948]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2597.795987]  ? __lock_is_held+0xad/0x140
[ 2597.800080]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2597.805130]  alloc_pages_current+0xff/0x200
[ 2597.809479]  push_pipe+0x3f6/0x780
[ 2597.815761]  iov_iter_get_pages_alloc+0x5a9/0x1090
[ 2597.820724]  ? __kernel_text_address+0x9/0x30
[ 2597.825248]  ? unwind_get_return_address+0x5a/0xa0
[ 2597.830204]  ? __save_stack_trace+0x8a/0xf0
[ 2597.835419]  ? iov_iter_revert+0xa30/0xa30
[ 2597.839692]  ? iov_iter_pipe+0xb4/0x2c0
[ 2597.843690]  default_file_splice_read+0x19c/0x970
[ 2597.848554]  ? kasan_kmalloc+0xbf/0xe0
[ 2597.852455]  ? __kmalloc+0x15b/0x770
[ 2597.856195]  ? do_splice_direct+0x1a8/0x270
[ 2597.860539]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2597.865230]  ? do_syscall_64+0xf9/0x620
[ 2597.869257]  ? iter_file_splice_write+0xb30/0xb30
[ 2597.874131]  ? mark_held_locks+0xf0/0xf0
[ 2597.878201]  ? mark_held_locks+0xf0/0xf0
[ 2597.882271]  ? mark_held_locks+0xf0/0xf0
[ 2597.886342]  ? fsnotify+0x8ba/0xf00
[ 2597.889976]  ? fsnotify_first_mark+0x200/0x200
[ 2597.894567]  ? __inode_security_revalidate+0xd3/0x120
[ 2597.899773]  ? security_file_permission+0x1c0/0x220
[ 2597.904794]  ? security_file_permission+0x84/0x220
[ 2597.909738]  ? rw_verify_area+0x10c/0x330
[ 2597.913888]  ? iter_file_splice_write+0xb30/0xb30
[ 2597.918738]  do_splice_to+0x10e/0x160
[ 2597.922548]  splice_direct_to_actor+0x2b9/0x8d0
[ 2597.927226]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2597.932093]  ? do_splice_to+0x160/0x160
[ 2597.936110]  do_splice_direct+0x1a8/0x270
[ 2597.940288]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2597.945161]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2597.950233]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2597.955011]  do_sendfile+0x549/0xc10
[ 2597.958762]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2597.963368]  ? wait_for_completion+0x3c0/0x3c0
[ 2597.967973]  ? vfs_write+0x15b/0x550
[ 2597.971719]  __x64_sys_sendfile64+0x1cc/0x210
[ 2597.976227]  ? __ia32_sys_sendfile+0x220/0x220
[ 2597.980815]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2597.985846]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2597.990661]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2597.995719]  ? do_syscall_64+0x21/0x620
[ 2597.999851]  do_syscall_64+0xf9/0x620
[ 2598.003693]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2598.008919] RIP: 0033:0x45c829
[ 2598.012132] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2598.031393] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2598.039112] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2598.046392] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2598.053674] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2598.060954] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2598.068244] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:20 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc", 0x2c2, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:20 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100606c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2598.084997] audit: type=1804 audit(1588638799.954:109): pid=24929 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1302/bus" dev="sda1" ino=17387 res=1
[ 2598.198539] audit: type=1800 audit(1588638800.064:110): pid=24931 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16171 res=0
[ 2598.236371] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2598.274750] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2598.288785] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2598.300558] minix_free_inode: bit 1 already cleared
[ 2598.305971] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2598.336484] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:21 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x21000000)

00:33:21 executing program 2 (fault-call:5 fault-nth:4):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2599.666060] FAULT_INJECTION: forcing a failure.
[ 2599.666060] name failslab, interval 1, probability 0, space 0, times 0
[ 2599.677886] CPU: 0 PID: 24951 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2599.685797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2599.695173] Call Trace:
[ 2599.697784]  dump_stack+0x188/0x20d
[ 2599.701479]  should_fail.cold+0xa/0x1b
[ 2599.705372]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2599.710479]  ? __lock_is_held+0xad/0x140
[ 2599.714558]  __should_failslab+0x115/0x180
[ 2599.718800]  should_failslab+0x5/0xf
[ 2599.722517]  kmem_cache_alloc_node_trace+0x272/0x750
[ 2599.727629]  ? kernel_poison_pages+0x2c/0x2a0
[ 2599.732120]  ? get_page_from_freelist+0x1082/0x3ef0
[ 2599.737127]  __kmalloc_node+0x38/0x70
[ 2599.740937]  kvmalloc_node+0x61/0xf0
[ 2599.744746]  ? seq_dentry+0x2c0/0x2c0
[ 2599.748566]  seq_read+0x805/0x10f0
[ 2599.752130]  ? seq_dentry+0x2c0/0x2c0
[ 2599.755991]  proc_reg_read+0x1bd/0x280
[ 2599.759911]  ? proc_reg_unlocked_ioctl+0x270/0x270
[ 2599.764848]  do_iter_read+0x46b/0x640
[ 2599.768654]  vfs_readv+0xf0/0x160
[ 2599.772104]  ? compat_rw_copy_check_uvector+0x400/0x400
[ 2599.777600]  ? push_pipe+0x411/0x780
[ 2599.781331]  ? iov_iter_get_pages_alloc+0x32b/0x1090
[ 2599.786731]  ? iov_iter_revert+0xa30/0xa30
[ 2599.790984]  default_file_splice_read+0x478/0x970
[ 2599.795976]  ? kasan_kmalloc+0xbf/0xe0
[ 2599.799993]  ? __kmalloc+0x15b/0x770
[ 2599.803879]  ? iter_file_splice_write+0xb30/0xb30
[ 2599.808850]  ? mark_held_locks+0xf0/0xf0
[ 2599.812916]  ? mark_held_locks+0xf0/0xf0
[ 2599.817030]  ? mark_held_locks+0xf0/0xf0
[ 2599.821189]  ? fsnotify+0x8ba/0xf00
[ 2599.824824]  ? fsnotify_first_mark+0x200/0x200
[ 2599.829422]  ? __inode_security_revalidate+0xd3/0x120
[ 2599.834629]  ? security_file_permission+0x1c0/0x220
[ 2599.839674]  ? security_file_permission+0x84/0x220
[ 2599.844666]  ? rw_verify_area+0x10c/0x330
[ 2599.849031]  ? iter_file_splice_write+0xb30/0xb30
[ 2599.853919]  do_splice_to+0x10e/0x160
[ 2599.857902]  splice_direct_to_actor+0x2b9/0x8d0
[ 2599.862595]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2599.867464]  ? do_splice_to+0x160/0x160
[ 2599.871446]  do_splice_direct+0x1a8/0x270
[ 2599.875612]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2599.880493]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2599.885604]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2599.890379]  do_sendfile+0x549/0xc10
[ 2599.894129]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2599.898718]  ? wait_for_completion+0x3c0/0x3c0
[ 2599.903329]  ? vfs_write+0x15b/0x550
[ 2599.907071]  __x64_sys_sendfile64+0x1cc/0x210
[ 2599.911613]  ? __ia32_sys_sendfile+0x220/0x220
[ 2599.916214]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2599.921257]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2599.926051]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2599.931092]  ? do_syscall_64+0x21/0x620
[ 2599.935101]  do_syscall_64+0xf9/0x620
[ 2599.938911]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2599.944190] RIP: 0033:0x45c829
[ 2599.947852] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2599.966792] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2599.974544] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2599.981910] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2599.989201] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2599.996578] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2600.003869] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:22 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x2, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:22 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(0xffffffffffffffff, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:22 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc", 0x2c2, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:22 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100686c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:22 executing program 2 (fault-call:5 fault-nth:5):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2600.251998] FAULT_INJECTION: forcing a failure.
[ 2600.251998] name failslab, interval 1, probability 0, space 0, times 0
[ 2600.269029] CPU: 0 PID: 24968 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2600.271678] audit: type=1800 audit(1588638802.144:111): pid=24967 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17411 res=0
[ 2600.276956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2600.276963] Call Trace:
[ 2600.276991]  dump_stack+0x188/0x20d
[ 2600.277015]  should_fail.cold+0xa/0x1b
[ 2600.277065]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2600.321391]  ? __lock_is_held+0xad/0x140
[ 2600.325476]  __should_failslab+0x115/0x180
[ 2600.329722]  should_failslab+0x5/0xf
[ 2600.333437]  __kmalloc+0x2d3/0x770
[ 2600.337004]  ? iter_file_splice_write+0x168/0xb30
[ 2600.341855]  ? mark_held_locks+0xf0/0xf0
[ 2600.345926]  iter_file_splice_write+0x168/0xb30
[ 2600.350604]  ? mark_held_locks+0xf0/0xf0
[ 2600.354680]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2600.359991]  ? __inode_security_revalidate+0xd3/0x120
[ 2600.365204]  ? security_file_permission+0x84/0x220
[ 2600.370144]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2600.375438]  direct_splice_actor+0x115/0x160
[ 2600.379855]  splice_direct_to_actor+0x33f/0x8d0
[ 2600.384537]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2600.389405]  ? do_splice_to+0x160/0x160
[ 2600.393409]  do_splice_direct+0x1a8/0x270
[ 2600.397584]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2600.402452]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2600.407478]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2600.412245]  do_sendfile+0x549/0xc10
[ 2600.415975]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2600.420566]  ? wait_for_completion+0x3c0/0x3c0
[ 2600.425158]  ? vfs_write+0x15b/0x550
[ 2600.428899]  __x64_sys_sendfile64+0x1cc/0x210
[ 2600.433408]  ? __ia32_sys_sendfile+0x220/0x220
[ 2600.438018]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2600.443055]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2600.447827]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2600.452854]  ? do_syscall_64+0x21/0x620
[ 2600.456838]  do_syscall_64+0xf9/0x620
[ 2600.460654]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2600.465862] RIP: 0033:0x45c829
[ 2600.469067] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2600.488112] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2600.495830] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2600.503127] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2600.510406] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2600.517682] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2600.524959] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
[ 2600.545108] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2600.555785] audit: type=1804 audit(1588638802.434:112): pid=24969 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1303/bus" dev="sda1" ino=17409 res=1
[ 2600.605454] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2600.624416] Process accounting resumed
00:33:22 executing program 2 (fault-call:5 fault-nth:6):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:22 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x0)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:22 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc", 0x2c2, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2600.649131] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2600.676600] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2600.711146] audit: type=1804 audit(1588638802.454:113): pid=24975 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1283/file0" dev="sda1" ino=17411 res=1
[ 2600.749640] minix_free_inode: bit 1 already cleared
[ 2600.762795] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2600.794933] FAULT_INJECTION: forcing a failure.
[ 2600.794933] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2600.830490] CPU: 1 PID: 24987 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2600.838436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2600.847814] Call Trace:
[ 2600.850427]  dump_stack+0x188/0x20d
[ 2600.854084]  should_fail.cold+0xa/0x1b
[ 2600.857996]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2600.863252]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2600.867947]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2600.873002]  ? __radix_tree_lookup+0x360/0x360
[ 2600.877612]  ? check_preemption_disabled+0x41/0x280
[ 2600.882655]  ? find_get_entry+0x397/0x900
[ 2600.886831]  alloc_pages_current+0xff/0x200
[ 2600.891175]  __page_cache_alloc+0x2ba/0x450
[ 2600.895518]  ? ext4_xattr_get+0x181/0x9a0
[ 2600.899686]  pagecache_get_page+0x22e/0xb20
[ 2600.904033]  grab_cache_page_write_begin+0x73/0xa0
[ 2600.908995]  ext4_da_write_begin+0x2b2/0x10d0
[ 2600.913510]  ? mark_held_locks+0xa6/0xf0
[ 2600.917582]  ? ext4_write_begin+0x15b0/0x15b0
[ 2600.922093]  ? copy_page_from_iter+0x810/0x810
[ 2600.926712]  generic_perform_write+0x1f8/0x4d0
[ 2600.931324]  ? page_endio+0x950/0x950
[ 2600.935135]  ? current_time+0x140/0x140
[ 2600.939137]  ? lock_acquire+0x170/0x400
[ 2600.943132]  ? ext4_file_write_iter+0x21f/0xf90
[ 2600.947831]  __generic_file_write_iter+0x24c/0x610
[ 2600.952781]  ext4_file_write_iter+0x2fe/0xf90
[ 2600.957283]  ? do_splice_direct+0x1a8/0x270
[ 2600.961626]  ? do_sendfile+0x549/0xc10
[ 2600.965516]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2600.970204]  ? do_syscall_64+0xf9/0x620
[ 2600.974206]  ? ext4_file_mmap+0x420/0x420
[ 2600.978368]  ? __lock_is_held+0xad/0x140
[ 2600.982482]  do_iter_readv_writev+0x50c/0x790
[ 2600.987013]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2600.991796]  ? selinux_file_permission+0x87/0x520
[ 2600.996678]  ? security_file_permission+0x84/0x220
[ 2601.001652]  do_iter_write+0x185/0x5e0
[ 2601.006434]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2601.011468]  ? __kmalloc+0x5f8/0x770
[ 2601.015195]  ? iter_file_splice_write+0x168/0xb30
[ 2601.020056]  vfs_iter_write+0x70/0xa0
[ 2601.023978]  iter_file_splice_write+0x60c/0xb30
[ 2601.028677]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2601.033980]  ? security_file_permission+0x84/0x220
[ 2601.038925]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2601.044221]  direct_splice_actor+0x115/0x160
[ 2601.048653]  splice_direct_to_actor+0x33f/0x8d0
[ 2601.053347]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2601.058214]  ? do_splice_to+0x160/0x160
[ 2601.062208]  do_splice_direct+0x1a8/0x270
[ 2601.066393]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2601.071266]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2601.076290]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2601.081059]  do_sendfile+0x549/0xc10
[ 2601.084788]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2601.089383]  ? wait_for_completion+0x3c0/0x3c0
[ 2601.094064]  ? vfs_write+0x15b/0x550
[ 2601.097801]  __x64_sys_sendfile64+0x1cc/0x210
[ 2601.102303]  ? __ia32_sys_sendfile+0x220/0x220
[ 2601.106891]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2601.111926]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2601.116704]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2601.121744]  ? do_syscall_64+0x21/0x620
[ 2601.125747]  do_syscall_64+0xf9/0x620
[ 2601.129673]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2601.134893] RIP: 0033:0x45c829
[ 2601.138095] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2601.157038] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2601.164786] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2601.172072] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
00:33:23 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601006c6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2601.179350] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2601.186643] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2601.194016] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
[ 2601.201838] audit: type=1804 audit(1588638802.704:114): pid=24989 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1304/bus" dev="sda1" ino=17400 res=1
00:33:23 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x0)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2601.329877] audit: type=1800 audit(1588638802.704:115): pid=24994 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17409 res=0
[ 2601.364925] audit: type=1804 audit(1588638803.104:116): pid=24997 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1284/file0" dev="sda1" ino=17409 res=1
[ 2601.394660] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2601.404574] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2601.414311] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2601.427934] audit: type=1804 audit(1588638803.294:117): pid=25002 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1305/bus" dev="sda1" ino=17400 res=1
[ 2601.452902] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2601.467459] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2601.520771] Process accounting resumed
[ 2601.569894] minix_free_inode: bit 1 already cleared
00:33:24 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e", 0x2f4, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:24 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x3f000000)

[ 2602.686842] audit: type=1800 audit(1588638804.554:118): pid=25019 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17414 res=0
[ 2602.721456] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2602.791657] minix_free_inode: bit 1 already cleared
00:33:25 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x0)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:25 executing program 2 (fault-call:5 fault-nth:7):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:25 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e", 0x2f4, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:25 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x2, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:25 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100746c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2603.267553] audit: type=1800 audit(1588638805.134:119): pid=25039 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17422 res=0
[ 2603.289562] FAULT_INJECTION: forcing a failure.
[ 2603.289562] name failslab, interval 1, probability 0, space 0, times 0
[ 2603.305923] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2603.316679] CPU: 0 PID: 25041 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2603.324591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2603.334072] Call Trace:
[ 2603.336681]  dump_stack+0x188/0x20d
[ 2603.340329]  should_fail.cold+0xa/0x1b
[ 2603.344235]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2603.349359]  ? __lock_is_held+0xad/0x140
[ 2603.352553] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2603.353448]  __should_failslab+0x115/0x180
[ 2603.367083]  should_failslab+0x5/0xf
[ 2603.370812]  __kmalloc+0x2d3/0x770
[ 2603.375233]  ? ext4_find_extent+0x7d2/0xa50
[ 2603.379579]  ? __lock_acquire+0x6ee/0x49c0
[ 2603.383832]  ? kmem_cache_alloc+0x127/0x710
[ 2603.388176]  ext4_find_extent+0x7d2/0xa50
[ 2603.392353]  ext4_ext_map_blocks+0x1a1/0x5100
[ 2603.396875]  ? ext4_find_delalloc_cluster+0xb0/0xb0
[ 2603.400141] audit: type=1804 audit(1588638805.274:120): pid=25053 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1306/bus" dev="sda1" ino=17429 res=1
[ 2603.401915]  ? lock_acquire+0x170/0x400
[ 2603.401930]  ? ext4_da_get_block_prep+0x5a7/0x1450
[ 2603.401952]  ext4_da_get_block_prep+0xc10/0x1450
[ 2603.439648]  ? create_page_buffers+0x212/0x380
[ 2603.444253]  ? ext4_inode_attach_jinode.part.0+0x150/0x150
[ 2603.449462] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2603.449944]  ? alloc_page_buffers+0x2c2/0x5c0
[ 2603.463402]  ? do_raw_spin_lock+0xcb/0x240
[ 2603.467656]  ? create_empty_buffers+0x52e/0x830
[ 2603.472341]  ? __add_to_page_cache_locked+0x5b7/0xc50
[ 2603.477547]  ? do_raw_spin_unlock+0x171/0x260
[ 2603.482067]  ? _raw_spin_unlock+0x29/0x40
[ 2603.486240]  ? create_page_buffers+0x190/0x380
[ 2603.490846]  __block_write_begin_int+0x480/0x17a0
[ 2603.495708]  ? ext4_inode_attach_jinode.part.0+0x150/0x150
[ 2603.501357]  ? __breadahead_gfp+0xf0/0xf0
[ 2603.505535]  ext4_da_write_begin+0x4d8/0x10d0
[ 2603.510063]  ? ext4_write_begin+0x15b0/0x15b0
[ 2603.514579]  ? copy_page_from_iter+0x810/0x810
[ 2603.519190]  generic_perform_write+0x1f8/0x4d0
[ 2603.523797]  ? __mnt_drop_write+0x50/0x80
[ 2603.527967]  ? page_endio+0x950/0x950
[ 2603.531787]  ? current_time+0x140/0x140
[ 2603.535778]  ? lock_acquire+0x170/0x400
[ 2603.541244]  ? ext4_file_write_iter+0x21f/0xf90
[ 2603.545955]  __generic_file_write_iter+0x24c/0x610
[ 2603.545984] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2603.550902]  ext4_file_write_iter+0x2fe/0xf90
[ 2603.550917]  ? do_splice_direct+0x1a8/0x270
[ 2603.550928]  ? do_sendfile+0x549/0xc10
[ 2603.550939]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2603.550953]  ? do_syscall_64+0xf9/0x620
[ 2603.550967]  ? ext4_file_mmap+0x420/0x420
[ 2603.550982]  ? __lock_is_held+0xad/0x140
[ 2603.551004]  do_iter_readv_writev+0x50c/0x790
[ 2603.551020]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2603.551033]  ? selinux_file_permission+0x87/0x520
[ 2603.551059]  ? security_file_permission+0x84/0x220
[ 2603.551079]  do_iter_write+0x185/0x5e0
[ 2603.611548]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2603.616581]  ? __kmalloc+0x5f8/0x770
[ 2603.620314]  ? iter_file_splice_write+0x168/0xb30
[ 2603.625267]  vfs_iter_write+0x70/0xa0
[ 2603.629095]  iter_file_splice_write+0x60c/0xb30
[ 2603.633791]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2603.639112]  ? security_file_permission+0x84/0x220
[ 2603.644081]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2603.649388]  direct_splice_actor+0x115/0x160
[ 2603.653827]  splice_direct_to_actor+0x33f/0x8d0
[ 2603.658534]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2603.663422]  ? do_splice_to+0x160/0x160
[ 2603.667476]  do_splice_direct+0x1a8/0x270
[ 2603.671650]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2603.676542]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2603.681577]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2603.685463] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2603.686376]  do_sendfile+0x549/0xc10
[ 2603.699018]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2603.703627]  ? wait_for_completion+0x3c0/0x3c0
[ 2603.708229]  ? vfs_write+0x15b/0x550
[ 2603.711963]  __x64_sys_sendfile64+0x1cc/0x210
[ 2603.716483]  ? __ia32_sys_sendfile+0x220/0x220
[ 2603.721115]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2603.726148]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2603.730926]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2603.735968]  ? do_syscall_64+0x21/0x620
[ 2603.739965]  do_syscall_64+0xf9/0x620
[ 2603.743787]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2603.748995] RIP: 0033:0x45c829
00:33:25 executing program 2 (fault-call:5 fault-nth:8):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2603.752204] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2603.771127] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2603.778862] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2603.786180] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2603.793473] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2603.800857] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2603.808148] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:25 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601007a6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2603.854029] minix_free_inode: bit 1 already cleared
00:33:25 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2603.902147] FAULT_INJECTION: forcing a failure.
[ 2603.902147] name failslab, interval 1, probability 0, space 0, times 0
[ 2603.914149] CPU: 0 PID: 25061 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2603.922102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2603.931650] Call Trace:
[ 2603.934264]  dump_stack+0x188/0x20d
[ 2603.938025]  should_fail.cold+0xa/0x1b
[ 2603.941944]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2603.947182]  ? kasan_kmalloc+0xbf/0xe0
[ 2603.951090]  ? __es_tree_search.isra.0+0x1af/0x210
[ 2603.956046]  __should_failslab+0x115/0x180
[ 2603.960419]  should_failslab+0x5/0xf
[ 2603.964280]  kmem_cache_alloc+0x44/0x710
[ 2603.968375]  ? ext4_es_scan+0x6f0/0x6f0
[ 2603.972504]  __es_insert_extent+0x2ae/0xf20
[ 2603.976856]  ext4_es_insert_extent+0x22e/0x5e0
[ 2603.981473]  ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0
[ 2603.987305]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2603.992348]  ? ext4_es_find_delayed_extent_range+0x7d7/0x9f0
[ 2603.998188]  ext4_ext_put_gap_in_cache+0xe7/0x140
[ 2604.003079]  ? ext4_zeroout_es+0x180/0x180
[ 2604.007340]  ? ext4_find_extent+0x6bb/0xa50
[ 2604.011723]  ext4_ext_map_blocks+0x1e77/0x5100
[ 2604.016336]  ? ext4_find_delalloc_cluster+0xb0/0xb0
[ 2604.021386]  ? lock_acquire+0x170/0x400
[ 2604.025375]  ? ext4_da_get_block_prep+0x5a7/0x1450
[ 2604.030334]  ext4_da_get_block_prep+0xc10/0x1450
[ 2604.035113]  ? create_page_buffers+0x212/0x380
[ 2604.039714]  ? ext4_inode_attach_jinode.part.0+0x150/0x150
[ 2604.045367]  ? alloc_page_buffers+0x2c2/0x5c0
[ 2604.049879]  ? do_raw_spin_lock+0xcb/0x240
[ 2604.054333]  ? create_empty_buffers+0x52e/0x830
[ 2604.059029]  ? __add_to_page_cache_locked+0x5b7/0xc50
[ 2604.064231]  ? do_raw_spin_unlock+0x171/0x260
[ 2604.068745]  ? _raw_spin_unlock+0x29/0x40
[ 2604.072899]  ? create_page_buffers+0x190/0x380
[ 2604.077501]  __block_write_begin_int+0x480/0x17a0
[ 2604.082364]  ? ext4_inode_attach_jinode.part.0+0x150/0x150
[ 2604.088014]  ? __breadahead_gfp+0xf0/0xf0
[ 2604.092186]  ext4_da_write_begin+0x4d8/0x10d0
[ 2604.096697]  ? ext4_write_begin+0x15b0/0x15b0
[ 2604.101200]  ? copy_page_from_iter+0x810/0x810
[ 2604.105799]  generic_perform_write+0x1f8/0x4d0
[ 2604.110418]  ? __mnt_drop_write+0x50/0x80
[ 2604.114583]  ? page_endio+0x950/0x950
[ 2604.118392]  ? current_time+0x140/0x140
[ 2604.122378]  ? lock_acquire+0x170/0x400
[ 2604.126362]  ? ext4_file_write_iter+0x21f/0xf90
[ 2604.131038]  __generic_file_write_iter+0x24c/0x610
[ 2604.135987]  ext4_file_write_iter+0x2fe/0xf90
[ 2604.140494]  ? do_splice_direct+0x1a8/0x270
[ 2604.144820]  ? do_sendfile+0x549/0xc10
[ 2604.148724]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2604.153413]  ? do_syscall_64+0xf9/0x620
[ 2604.157396]  ? ext4_file_mmap+0x420/0x420
[ 2604.161828]  ? __lock_is_held+0xad/0x140
[ 2604.165905]  do_iter_readv_writev+0x50c/0x790
[ 2604.170408]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2604.175169]  ? selinux_file_permission+0x87/0x520
[ 2604.180121]  ? security_file_permission+0x84/0x220
[ 2604.185068]  do_iter_write+0x185/0x5e0
[ 2604.188971]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2604.193993]  ? __kmalloc+0x5f8/0x770
[ 2604.197720]  ? iter_file_splice_write+0x168/0xb30
[ 2604.202600]  vfs_iter_write+0x70/0xa0
[ 2604.206411]  iter_file_splice_write+0x60c/0xb30
[ 2604.211118]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2604.216436]  ? security_file_permission+0x84/0x220
[ 2604.221406]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2604.226707]  direct_splice_actor+0x115/0x160
[ 2604.231138]  splice_direct_to_actor+0x33f/0x8d0
[ 2604.235823]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2604.240682]  ? do_splice_to+0x160/0x160
[ 2604.244676]  do_splice_direct+0x1a8/0x270
[ 2604.248839]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2604.253707]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2604.258751]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2604.263528]  do_sendfile+0x549/0xc10
[ 2604.267261]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2604.271863]  ? wait_for_completion+0x3c0/0x3c0
[ 2604.276453]  ? vfs_write+0x15b/0x550
[ 2604.280179]  __x64_sys_sendfile64+0x1cc/0x210
[ 2604.284706]  ? __ia32_sys_sendfile+0x220/0x220
[ 2604.289324]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2604.294360]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2604.299129]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2604.304158]  ? do_syscall_64+0x21/0x620
[ 2604.308150]  do_syscall_64+0xf9/0x620
[ 2604.311961]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2604.317165] RIP: 0033:0x45c829
[ 2604.320359] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2604.339268] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2604.347207] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
00:33:26 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e", 0x2f4, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2604.354491] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2604.361780] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2604.369050] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2604.376346] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:26 executing program 2 (fault-call:5 fault-nth:9):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2604.522281] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2604.538908] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2604.551876] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2604.564567] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2604.581687] minix_free_inode: bit 1 already cleared
00:33:26 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2604.638896] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2604.665018] FAULT_INJECTION: forcing a failure.
[ 2604.665018] name failslab, interval 1, probability 0, space 0, times 0
[ 2604.676791] CPU: 0 PID: 25081 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2604.684691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2604.694054] Call Trace:
[ 2604.696663]  dump_stack+0x188/0x20d
[ 2604.700333]  should_fail.cold+0xa/0x1b
[ 2604.704246]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2604.709372]  ? __lock_acquire+0x6ee/0x49c0
[ 2604.713627]  ? __es_tree_search.isra.0+0x1af/0x210
[ 2604.718582]  __should_failslab+0x115/0x180
[ 2604.722835]  should_failslab+0x5/0xf
[ 2604.726588]  kmem_cache_alloc+0x44/0x710
[ 2604.730677]  ? ext4_es_can_be_merged+0x194/0x290
[ 2604.735449]  __es_insert_extent+0x2ae/0xf20
[ 2604.739792]  ext4_es_insert_extent+0x22e/0x5e0
[ 2604.744397]  ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0
[ 2604.750215]  ? lock_downgrade+0x740/0x740
[ 2604.754386]  ext4_da_get_block_prep+0x8e9/0x1450
[ 2604.759180]  ? ext4_inode_attach_jinode.part.0+0x150/0x150
[ 2604.764822]  ? retint_kernel+0x2d/0x2d
[ 2604.768731]  ? __block_write_begin_int+0x3c3/0x17a0
[ 2604.773851]  __block_write_begin_int+0x480/0x17a0
[ 2604.778711]  ? ext4_inode_attach_jinode.part.0+0x150/0x150
[ 2604.784371]  ? __breadahead_gfp+0xf0/0xf0
[ 2604.788571]  ext4_da_write_begin+0x4d8/0x10d0
[ 2604.793098]  ? ext4_write_begin+0x15b0/0x15b0
[ 2604.797609]  ? copy_page_from_iter+0x810/0x810
[ 2604.802224]  generic_perform_write+0x1f8/0x4d0
[ 2604.806830]  ? __mnt_drop_write+0x50/0x80
[ 2604.810995]  ? page_endio+0x950/0x950
[ 2604.814807]  ? current_time+0x140/0x140
[ 2604.818800]  ? lock_acquire+0x170/0x400
[ 2604.822795]  ? ext4_file_write_iter+0x21f/0xf90
[ 2604.827493]  __generic_file_write_iter+0x24c/0x610
[ 2604.832467]  ext4_file_write_iter+0x2fe/0xf90
[ 2604.836978]  ? do_splice_direct+0x1a8/0x270
[ 2604.841755]  ? do_sendfile+0x549/0xc10
[ 2604.845668]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2604.850360]  ? do_syscall_64+0xf9/0x620
[ 2604.854354]  ? ext4_file_mmap+0x420/0x420
[ 2604.858528]  ? __lock_is_held+0xad/0x140
[ 2604.862629]  do_iter_readv_writev+0x50c/0x790
[ 2604.867158]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2604.871932]  ? selinux_file_permission+0x87/0x520
[ 2604.876795]  ? security_file_permission+0x84/0x220
[ 2604.881759]  do_iter_write+0x185/0x5e0
[ 2604.885667]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2604.890701]  ? __kmalloc+0x5f8/0x770
[ 2604.894430]  ? iter_file_splice_write+0x168/0xb30
[ 2604.899292]  vfs_iter_write+0x70/0xa0
[ 2604.903119]  iter_file_splice_write+0x60c/0xb30
[ 2604.907845]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2604.913154]  ? security_file_permission+0x84/0x220
[ 2604.918112]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2604.923410]  direct_splice_actor+0x115/0x160
[ 2604.927838]  splice_direct_to_actor+0x33f/0x8d0
[ 2604.932528]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2604.937390]  ? do_splice_to+0x160/0x160
[ 2604.941490]  do_splice_direct+0x1a8/0x270
[ 2604.945655]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2604.950514]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2604.955645]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2604.960411]  do_sendfile+0x549/0xc10
[ 2604.965118]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2604.969723]  ? wait_for_completion+0x3c0/0x3c0
[ 2604.974330]  ? vfs_write+0x15b/0x550
[ 2604.978105]  __x64_sys_sendfile64+0x1cc/0x210
[ 2604.982652]  ? __ia32_sys_sendfile+0x220/0x220
[ 2604.987231]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2604.992284]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2604.997064]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2605.002104]  ? do_syscall_64+0x21/0x620
[ 2605.006095]  do_syscall_64+0xf9/0x620
[ 2605.009917]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2605.015115] RIP: 0033:0x45c829
[ 2605.018299] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2605.037209] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2605.044935] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2605.052214] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2605.059521] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2605.066797] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2605.074080] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:27 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xfeffffff)

00:33:27 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601bb806c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2605.731437] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2605.748225] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2605.764042] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2605.785730] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:28 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x2, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:28 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540", 0x30d, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:28 executing program 2 (fault-call:5 fault-nth:10):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:28 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:28 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60180bb6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2606.398216] FAULT_INJECTION: forcing a failure.
[ 2606.398216] name failslab, interval 1, probability 0, space 0, times 0
[ 2606.410395] CPU: 0 PID: 25126 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2606.414895] kauditd_printk_skb: 3 callbacks suppressed
[ 2606.414907] audit: type=1800 audit(1588638808.284:124): pid=25123 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17449 res=0
[ 2606.418318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2606.418352] Call Trace:
[ 2606.418382]  dump_stack+0x188/0x20d
[ 2606.443300] audit: type=1804 audit(1588638808.284:125): pid=25122 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1309/bus" dev="sda1" ino=17450 res=1
[ 2606.443368]  should_fail.cold+0xa/0x1b
[ 2606.454180] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2606.455328]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2606.455344]  ? __lock_is_held+0xad/0x140
[ 2606.455368]  __should_failslab+0x115/0x180
[ 2606.455384]  should_failslab+0x5/0xf
[ 2606.455402]  kmem_cache_alloc+0x29f/0x710
[ 2606.515742]  ext4_init_io_end+0x23/0x110
[ 2606.519815]  ext4_writepages+0x1170/0x3450
[ 2606.520643] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2606.524439]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2606.524457]  ? mark_buffer_dirty+0x107/0x630
[ 2606.524480]  ? __lock_acquire+0x6ee/0x49c0
[ 2606.524496]  ? ext4_mark_iloc_dirty+0x1834/0x2c00
[ 2606.524514]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2606.524532]  ? mark_held_locks+0xf0/0xf0
[ 2606.557838] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2606.560951]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2606.560966]  ? do_writepages+0xf3/0x2a0
[ 2606.560978]  do_writepages+0xf3/0x2a0
[ 2606.560995]  ? page_writeback_cpu_online+0x10/0x10
[ 2606.561012]  ? lock_acquire+0x170/0x400
[ 2606.561026]  ? do_raw_spin_unlock+0x171/0x260
[ 2606.561051]  ? _raw_spin_unlock+0x29/0x40
[ 2606.585229] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2606.587641]  __filemap_fdatawrite_range+0x27d/0x350
[ 2606.587660]  ? delete_from_page_cache_batch+0xd00/0xd00
[ 2606.587687]  ? generic_perform_write+0x367/0x4d0
[ 2606.587705]  file_write_and_wait_range+0x93/0x100
[ 2606.603933] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2606.609289]  __generic_file_fsync+0x74/0x1f0
[ 2606.609312]  ext4_sync_file+0x818/0x1440
[ 2606.609329]  ? ext4_getfsmap+0x950/0x950
[ 2606.609345]  vfs_fsync_range+0x138/0x220
[ 2606.609363]  ext4_file_write_iter+0x75a/0xf90
[ 2606.609377]  ? do_splice_direct+0x1a8/0x270
[ 2606.609395]  ? do_sendfile+0x549/0xc10
[ 2606.666815]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2606.671512]  ? do_syscall_64+0xf9/0x620
[ 2606.675517]  ? ext4_file_mmap+0x420/0x420
[ 2606.679714]  ? __lock_is_held+0xad/0x140
[ 2606.683850]  do_iter_readv_writev+0x50c/0x790
[ 2606.688378]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2606.693177]  ? selinux_file_permission+0x87/0x520
[ 2606.698049]  ? security_file_permission+0x84/0x220
[ 2606.703018]  do_iter_write+0x185/0x5e0
[ 2606.706938]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2606.711983]  ? __kmalloc+0x5f8/0x770
[ 2606.715714]  ? iter_file_splice_write+0x168/0xb30
[ 2606.720575]  ? __lock_acquire+0x6ee/0x49c0
[ 2606.724874]  vfs_iter_write+0x70/0xa0
[ 2606.728702]  iter_file_splice_write+0x60c/0xb30
[ 2606.733403]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2606.738719]  ? security_file_permission+0x84/0x220
[ 2606.743667]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2606.748974]  direct_splice_actor+0x115/0x160
[ 2606.753408]  splice_direct_to_actor+0x33f/0x8d0
[ 2606.758101]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2606.762972]  ? do_splice_to+0x160/0x160
[ 2606.766971]  do_splice_direct+0x1a8/0x270
[ 2606.771754]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2606.776629]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2606.781673]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2606.786461]  do_sendfile+0x549/0xc10
[ 2606.790214]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2606.794818]  ? wait_for_completion+0x3c0/0x3c0
[ 2606.799422]  ? vfs_write+0x15b/0x550
[ 2606.803154]  __x64_sys_sendfile64+0x1cc/0x210
[ 2606.807643]  ? __ia32_sys_sendfile+0x220/0x220
[ 2606.812220]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2606.817236]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2606.821993]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2606.827060]  ? do_syscall_64+0x21/0x620
[ 2606.831297]  do_syscall_64+0xf9/0x620
[ 2606.835094]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2606.840273] RIP: 0033:0x45c829
[ 2606.843465] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2606.862409] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2606.870131] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2606.877398] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2606.884661] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2606.891940] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
00:33:28 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e6010fff6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2606.899240] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:28 executing program 2 (fault-call:5 fault-nth:11):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2606.945589] Process accounting resumed
00:33:28 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, 0x0, 0x0)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2606.972813] minix_free_inode: bit 1 already cleared
00:33:28 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540", 0x30d, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2607.045435] audit: type=1804 audit(1588638808.914:126): pid=25141 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1310/bus" dev="sda1" ino=17438 res=1
[ 2607.076729] FAULT_INJECTION: forcing a failure.
[ 2607.076729] name failslab, interval 1, probability 0, space 0, times 0
[ 2607.120828] CPU: 0 PID: 25137 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2607.128787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2607.138157] Call Trace:
[ 2607.140775]  dump_stack+0x188/0x20d
[ 2607.144436]  should_fail.cold+0xa/0x1b
[ 2607.148358]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2607.153243] audit: type=1800 audit(1588638808.994:127): pid=25147 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17442 res=0
[ 2607.153486]  ? __lock_is_held+0xad/0x140
[ 2607.177287]  __should_failslab+0x115/0x180
[ 2607.181715]  should_failslab+0x5/0xf
[ 2607.183921] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2607.185448]  kmem_cache_alloc+0x29f/0x710
[ 2607.185464]  ? ext4_put_io_end_defer+0xc3/0x3f0
[ 2607.185481]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2607.185494]  ? kmem_cache_free+0x218/0x260
[ 2607.185512]  ext4_init_io_end+0x23/0x110
[ 2607.185531]  ext4_writepages+0x1230/0x3450
[ 2607.219529]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2607.224670]  ? ext4_mark_iloc_dirty+0x1834/0x2c00
[ 2607.229540]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2607.234352]  ? mark_held_locks+0xf0/0xf0
[ 2607.238456]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2607.243205]  ? do_writepages+0xf3/0x2a0
[ 2607.247247]  do_writepages+0xf3/0x2a0
[ 2607.251076]  ? page_writeback_cpu_online+0x10/0x10
[ 2607.256031]  ? lock_acquire+0x170/0x400
[ 2607.260021]  ? do_raw_spin_unlock+0x171/0x260
[ 2607.264532]  ? _raw_spin_unlock+0x29/0x40
[ 2607.268834]  __filemap_fdatawrite_range+0x27d/0x350
[ 2607.273958]  ? delete_from_page_cache_batch+0xd00/0xd00
[ 2607.279358]  ? generic_perform_write+0x367/0x4d0
[ 2607.284148]  file_write_and_wait_range+0x93/0x100
[ 2607.289012]  __generic_file_fsync+0x74/0x1f0
[ 2607.293455]  ext4_sync_file+0x818/0x1440
[ 2607.297540]  ? ext4_getfsmap+0x950/0x950
[ 2607.301628]  vfs_fsync_range+0x138/0x220
[ 2607.305718]  ext4_file_write_iter+0x75a/0xf90
[ 2607.310354]  ? do_splice_direct+0x1a8/0x270
[ 2607.314692]  ? do_sendfile+0x549/0xc10
[ 2607.318590]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2607.323267]  ? do_syscall_64+0xf9/0x620
[ 2607.327264]  ? ext4_file_mmap+0x420/0x420
[ 2607.331424]  ? __lock_is_held+0xad/0x140
[ 2607.335519]  do_iter_readv_writev+0x50c/0x790
[ 2607.340027]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2607.344793]  ? selinux_file_permission+0x87/0x520
[ 2607.349650]  ? security_file_permission+0x84/0x220
[ 2607.354596]  do_iter_write+0x185/0x5e0
[ 2607.358498]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2607.363528]  ? __kmalloc+0x5f8/0x770
[ 2607.367269]  ? iter_file_splice_write+0x168/0xb30
[ 2607.372123]  vfs_iter_write+0x70/0xa0
[ 2607.375936]  iter_file_splice_write+0x60c/0xb30
[ 2607.380626]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2607.385949]  ? security_file_permission+0x84/0x220
[ 2607.390890]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2607.396188]  direct_splice_actor+0x115/0x160
[ 2607.400609]  splice_direct_to_actor+0x33f/0x8d0
[ 2607.405292]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2607.410148]  ? do_splice_to+0x160/0x160
[ 2607.414133]  do_splice_direct+0x1a8/0x270
[ 2607.418289]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2607.423166]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2607.428210]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2607.432984]  do_sendfile+0x549/0xc10
[ 2607.436740]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2607.441347]  ? wait_for_completion+0x3c0/0x3c0
[ 2607.445943]  ? vfs_write+0x15b/0x550
[ 2607.449668]  __x64_sys_sendfile64+0x1cc/0x210
[ 2607.454170]  ? __ia32_sys_sendfile+0x220/0x220
[ 2607.458757]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2607.463786]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2607.468546]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2607.473566]  ? do_syscall_64+0x21/0x620
[ 2607.477584]  do_syscall_64+0xf9/0x620
[ 2607.481395]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2607.486604] RIP: 0033:0x45c829
[ 2607.489804] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2607.508715] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
00:33:29 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, 0x0, 0x0)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2607.516433] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2607.523719] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2607.531101] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2607.538381] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2607.545665] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
[ 2607.585988] Process accounting resumed
[ 2607.596147] minix_free_inode: bit 1 already cleared
[ 2607.661734] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2607.671084] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2607.671647] audit: type=1804 audit(1588638809.554:128): pid=25154 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1311/bus" dev="sda1" ino=15975 res=1
[ 2607.684089] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2607.745835] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:30 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xfffffffe)

00:33:30 executing program 2 (fault-call:5 fault-nth:12):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2608.757598] FAULT_INJECTION: forcing a failure.
[ 2608.757598] name failslab, interval 1, probability 0, space 0, times 0
[ 2608.769559] CPU: 0 PID: 25168 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2608.777854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2608.787212] Call Trace:
[ 2608.789805]  dump_stack+0x188/0x20d
[ 2608.793428]  should_fail.cold+0xa/0x1b
[ 2608.797321]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2608.802423]  ? __lock_is_held+0xad/0x140
[ 2608.806517]  __should_failslab+0x115/0x180
[ 2608.810758]  should_failslab+0x5/0xf
[ 2608.814488]  __kmalloc+0x2d3/0x770
[ 2608.818038]  ? ext4_find_extent+0x7d2/0xa50
[ 2608.822468]  ? __lock_acquire+0x6ee/0x49c0
[ 2608.826757]  ext4_find_extent+0x7d2/0xa50
[ 2608.830918]  ext4_ext_map_blocks+0x1a1/0x5100
[ 2608.835431]  ? ext4_find_delalloc_cluster+0xb0/0xb0
[ 2608.840462]  ? lock_acquire+0x170/0x400
[ 2608.844426]  ? ext4_map_blocks+0x883/0x1970
[ 2608.848747]  ext4_map_blocks+0x8e5/0x1970
[ 2608.852890]  ? ext4_issue_zeroout+0x160/0x160
[ 2608.857411]  ext4_writepages+0x1e5b/0x3450
[ 2608.861668]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2608.866441]  ? mark_held_locks+0xf0/0xf0
[ 2608.870516]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2608.875263]  ? do_writepages+0xf3/0x2a0
[ 2608.879232]  do_writepages+0xf3/0x2a0
[ 2608.883028]  ? page_writeback_cpu_online+0x10/0x10
[ 2608.887967]  ? lock_acquire+0x170/0x400
[ 2608.891935]  ? do_raw_spin_unlock+0x171/0x260
[ 2608.896424]  ? _raw_spin_unlock+0x29/0x40
[ 2608.900596]  __filemap_fdatawrite_range+0x27d/0x350
[ 2608.905646]  ? delete_from_page_cache_batch+0xd00/0xd00
[ 2608.911384]  ? generic_perform_write+0x367/0x4d0
[ 2608.916172]  file_write_and_wait_range+0x93/0x100
[ 2608.921044]  __generic_file_fsync+0x74/0x1f0
[ 2608.925460]  ext4_sync_file+0x818/0x1440
[ 2608.929550]  ? ext4_getfsmap+0x950/0x950
[ 2608.933625]  vfs_fsync_range+0x138/0x220
[ 2608.937697]  ext4_file_write_iter+0x75a/0xf90
[ 2608.942194]  ? do_splice_direct+0x1a8/0x270
[ 2608.946524]  ? do_sendfile+0x549/0xc10
[ 2608.950431]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2608.955125]  ? do_syscall_64+0xf9/0x620
[ 2608.959110]  ? ext4_file_mmap+0x420/0x420
[ 2608.963307]  ? __lock_is_held+0xad/0x140
[ 2608.967375]  do_iter_readv_writev+0x50c/0x790
[ 2608.971879]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2608.976634]  ? selinux_file_permission+0x87/0x520
[ 2608.981494]  ? security_file_permission+0x84/0x220
[ 2608.986428]  do_iter_write+0x185/0x5e0
[ 2608.990313]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2608.995333]  ? __kmalloc+0x5f8/0x770
[ 2608.999073]  ? iter_file_splice_write+0x168/0xb30
[ 2609.003938]  vfs_iter_write+0x70/0xa0
[ 2609.007739]  iter_file_splice_write+0x60c/0xb30
[ 2609.012429]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2609.017907]  ? security_file_permission+0x84/0x220
[ 2609.022847]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2609.028140]  direct_splice_actor+0x115/0x160
[ 2609.032745]  splice_direct_to_actor+0x33f/0x8d0
[ 2609.037420]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2609.042263]  ? do_splice_to+0x160/0x160
[ 2609.046239]  do_splice_direct+0x1a8/0x270
[ 2609.050397]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2609.055253]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2609.060263]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2609.065014]  do_sendfile+0x549/0xc10
[ 2609.068875]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2609.073476]  ? wait_for_completion+0x3c0/0x3c0
[ 2609.078096]  ? vfs_write+0x15b/0x550
[ 2609.081820]  __x64_sys_sendfile64+0x1cc/0x210
[ 2609.086318]  ? __ia32_sys_sendfile+0x220/0x220
[ 2609.090896]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2609.095915]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2609.100689]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2609.105733]  ? do_syscall_64+0x21/0x620
[ 2609.110420]  do_syscall_64+0xf9/0x620
[ 2609.114250]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2609.119464] RIP: 0033:0x45c829
[ 2609.122660] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2609.141590] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2609.149304] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2609.156582] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2609.163889] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2609.171271] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2609.178567] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:31 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100000a000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:31 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540", 0x30d, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:31 executing program 2 (fault-call:5 fault-nth:13):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:31 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x2, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:31 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, 0x0, 0x0)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2609.441953] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2609.445169] FAULT_INJECTION: forcing a failure.
[ 2609.445169] name failslab, interval 1, probability 0, space 0, times 0
[ 2609.460775] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2609.475403] audit: type=1804 audit(1588638811.344:129): pid=25184 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1312/bus" dev="sda1" ino=17465 res=1
[ 2609.496395] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2609.508263] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2609.528065] CPU: 0 PID: 25182 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2609.536014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2609.545389] Call Trace:
[ 2609.548021]  dump_stack+0x188/0x20d
[ 2609.551681]  should_fail.cold+0xa/0x1b
[ 2609.555635]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2609.560816]  ? __lock_is_held+0xad/0x140
[ 2609.561442] audit: type=1800 audit(1588638811.374:130): pid=25185 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17466 res=0
[ 2609.565543]  ? is_bpf_text_address+0xa9/0x160
[ 2609.565569]  __should_failslab+0x115/0x180
[ 2609.565586]  should_failslab+0x5/0xf
[ 2609.565603]  kmem_cache_alloc+0x29f/0x710
[ 2609.602480]  ext4_mb_new_blocks+0x5ab/0x3d30
[ 2609.606915]  ? ext4_find_extent+0x7d2/0xa50
[ 2609.611269]  ? ext4_ext_search_right+0x2c7/0xb50
[ 2609.616055]  ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 2609.621120]  ext4_ext_map_blocks+0x28b5/0x5100
[ 2609.622977] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2609.625733]  ? ext4_find_delalloc_cluster+0xb0/0xb0
[ 2609.638958]  ext4_map_blocks+0x8e5/0x1970
[ 2609.643142]  ? ext4_issue_zeroout+0x160/0x160
[ 2609.647681]  ext4_writepages+0x1e5b/0x3450
[ 2609.651956]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2609.656742]  ? mark_held_locks+0xf0/0xf0
[ 2609.660842]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2609.665617]  ? do_writepages+0xf3/0x2a0
[ 2609.669691]  do_writepages+0xf3/0x2a0
[ 2609.673540]  ? page_writeback_cpu_online+0x10/0x10
[ 2609.678493]  ? lock_acquire+0x170/0x400
[ 2609.682489]  ? do_raw_spin_unlock+0x171/0x260
[ 2609.687011]  ? _raw_spin_unlock+0x29/0x40
[ 2609.691188]  __filemap_fdatawrite_range+0x27d/0x350
[ 2609.696227]  ? delete_from_page_cache_batch+0xd00/0xd00
[ 2609.701624]  ? generic_perform_write+0x367/0x4d0
[ 2609.706412]  file_write_and_wait_range+0x93/0x100
[ 2609.711280]  __generic_file_fsync+0x74/0x1f0
[ 2609.715718]  ext4_sync_file+0x818/0x1440
[ 2609.719802]  ? ext4_getfsmap+0x950/0x950
[ 2609.723866]  vfs_fsync_range+0x138/0x220
[ 2609.728063]  ext4_file_write_iter+0x75a/0xf90
[ 2609.732576]  ? do_splice_direct+0x1a8/0x270
[ 2609.736909]  ? do_sendfile+0x549/0xc10
[ 2609.740912]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2609.745620]  ? do_syscall_64+0xf9/0x620
[ 2609.749620]  ? ext4_file_mmap+0x420/0x420
[ 2609.753794]  ? __lock_is_held+0xad/0x140
[ 2609.757862]  do_iter_readv_writev+0x50c/0x790
[ 2609.762438]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2609.767204]  ? selinux_file_permission+0x87/0x520
[ 2609.772104]  ? security_file_permission+0x84/0x220
[ 2609.777054]  do_iter_write+0x185/0x5e0
[ 2609.781027]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2609.787550]  ? __kmalloc+0x5f8/0x770
[ 2609.791257]  ? iter_file_splice_write+0x168/0xb30
[ 2609.796132]  vfs_iter_write+0x70/0xa0
[ 2609.799936]  iter_file_splice_write+0x60c/0xb30
[ 2609.804608]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2609.809889]  ? security_file_permission+0x84/0x220
[ 2609.814813]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2609.820087]  direct_splice_actor+0x115/0x160
[ 2609.824500]  splice_direct_to_actor+0x33f/0x8d0
[ 2609.829282]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2609.834143]  ? do_splice_to+0x160/0x160
[ 2609.838116]  do_splice_direct+0x1a8/0x270
[ 2609.842261]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2609.847132]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2609.852143]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2609.856906]  do_sendfile+0x549/0xc10
[ 2609.860632]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2609.865281]  ? wait_for_completion+0x3c0/0x3c0
[ 2609.869869]  ? vfs_write+0x15b/0x550
[ 2609.873586]  __x64_sys_sendfile64+0x1cc/0x210
[ 2609.878097]  ? __ia32_sys_sendfile+0x220/0x220
[ 2609.882696]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2609.887754]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2609.892549]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2609.897586]  ? do_syscall_64+0x21/0x620
[ 2609.901557]  do_syscall_64+0xf9/0x620
[ 2609.905355]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2609.910536] RIP: 0033:0x45c829
[ 2609.913726] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2609.932651] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
00:33:31 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601000025000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2609.940363] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2609.947657] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2609.954923] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2609.962187] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2609.969452] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:31 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x0, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2609.999810] Process accounting resumed
[ 2610.006547] minix_free_inode: bit 1 already cleared
00:33:31 executing program 2 (fault-call:5 fault-nth:14):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:31 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x0, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2610.074635] audit: type=1804 audit(1588638811.944:131): pid=25197 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1313/bus" dev="sda1" ino=17451 res=1
00:33:32 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a", 0x31a, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2610.209476] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2610.233294] FAULT_INJECTION: forcing a failure.
[ 2610.233294] name failslab, interval 1, probability 0, space 0, times 0
[ 2610.240735] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2610.245269] CPU: 1 PID: 25212 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2610.261965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2610.271329] Call Trace:
[ 2610.273937]  dump_stack+0x188/0x20d
[ 2610.275681] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2610.277667]  should_fail.cold+0xa/0x1b
[ 2610.277685]  ? __es_remove_extent+0x473/0x7d0
[ 2610.277701]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2610.277718]  ? __es_remove_extent+0x473/0x7d0
[ 2610.277734]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2610.277751]  ? kmem_cache_free+0x218/0x260
[ 2610.313929]  __should_failslab+0x115/0x180
[ 2610.318181]  should_failslab+0x5/0xf
[ 2610.321932]  kmem_cache_alloc+0x44/0x710
[ 2610.326016]  ? ext4_es_can_be_merged+0x194/0x290
[ 2610.330800]  __es_insert_extent+0x2ae/0xf20
[ 2610.335153]  ext4_es_insert_extent+0x22e/0x5e0
[ 2610.339761]  ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0
[ 2610.345592]  ext4_map_blocks+0xb68/0x1970
[ 2610.349787]  ? ext4_issue_zeroout+0x160/0x160
[ 2610.354346]  ext4_writepages+0x1e5b/0x3450
[ 2610.358752]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2610.363557]  ? mark_held_locks+0xf0/0xf0
[ 2610.367669]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2610.372450]  ? do_writepages+0xf3/0x2a0
[ 2610.376463]  do_writepages+0xf3/0x2a0
[ 2610.380287]  ? page_writeback_cpu_online+0x10/0x10
[ 2610.385238]  ? lock_acquire+0x170/0x400
[ 2610.389231]  ? do_raw_spin_unlock+0x171/0x260
[ 2610.393745]  ? _raw_spin_unlock+0x29/0x40
[ 2610.398019]  __filemap_fdatawrite_range+0x27d/0x350
[ 2610.403081]  ? delete_from_page_cache_batch+0xd00/0xd00
[ 2610.408485]  ? generic_perform_write+0x367/0x4d0
[ 2610.413290]  file_write_and_wait_range+0x93/0x100
[ 2610.418163]  __generic_file_fsync+0x74/0x1f0
[ 2610.422691]  ext4_sync_file+0x818/0x1440
[ 2610.426770]  ? ext4_getfsmap+0x950/0x950
[ 2610.430850]  vfs_fsync_range+0x138/0x220
[ 2610.435038]  ext4_file_write_iter+0x75a/0xf90
[ 2610.439603]  ? do_splice_direct+0x1a8/0x270
[ 2610.444100]  ? do_sendfile+0x549/0xc10
[ 2610.447997]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2610.452683]  ? do_syscall_64+0xf9/0x620
[ 2610.456690]  ? ext4_file_mmap+0x420/0x420
[ 2610.461120]  ? __lock_is_held+0xad/0x140
[ 2610.465272]  do_iter_readv_writev+0x50c/0x790
[ 2610.469788]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2610.474557]  ? selinux_file_permission+0x87/0x520
[ 2610.479407]  ? security_file_permission+0x84/0x220
[ 2610.484340]  do_iter_write+0x185/0x5e0
[ 2610.488233]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2610.493295]  ? __kmalloc+0x5f8/0x770
[ 2610.497096]  ? iter_file_splice_write+0x168/0xb30
[ 2610.501949]  vfs_iter_write+0x70/0xa0
[ 2610.505808]  iter_file_splice_write+0x60c/0xb30
[ 2610.510487]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2610.515894]  ? security_file_permission+0x84/0x220
[ 2610.520831]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2610.526117]  direct_splice_actor+0x115/0x160
[ 2610.530519]  splice_direct_to_actor+0x33f/0x8d0
[ 2610.535203]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2610.540058]  ? do_splice_to+0x160/0x160
[ 2610.544026]  do_splice_direct+0x1a8/0x270
[ 2610.548199]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2610.553066]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2610.558144]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2610.562914]  do_sendfile+0x549/0xc10
[ 2610.566647]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2610.571245]  ? wait_for_completion+0x3c0/0x3c0
[ 2610.575822]  ? vfs_write+0x15b/0x550
[ 2610.580402]  __x64_sys_sendfile64+0x1cc/0x210
[ 2610.584925]  ? __ia32_sys_sendfile+0x220/0x220
[ 2610.589524]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2610.594538]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2610.599288]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2610.604320]  ? do_syscall_64+0x21/0x620
[ 2610.608321]  do_syscall_64+0xf9/0x620
[ 2610.612136]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2610.617433] RIP: 0033:0x45c829
[ 2610.620631] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2610.639534] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2610.647475] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2610.655139] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2610.662431] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2610.669709] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2610.677685] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
[ 2610.687831] audit: type=1804 audit(1588638812.124:132): pid=25207 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1314/bus" dev="sda1" ino=17461 res=1
[ 2610.714781] audit: type=1800 audit(1588638812.124:133): pid=25214 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17474 res=0
[ 2610.715311] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2610.757070] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2610.839824] Process accounting resumed
00:33:33 executing program 2 (fault-call:5 fault-nth:15):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:33 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x2000000000)

00:33:33 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x0, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:33 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a", 0x31a, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2611.768743] FAULT_INJECTION: forcing a failure.
[ 2611.768743] name failslab, interval 1, probability 0, space 0, times 0
[ 2611.770403] kauditd_printk_skb: 1 callbacks suppressed
[ 2611.770416] audit: type=1800 audit(1588638813.634:135): pid=25235 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16147 res=0
[ 2611.780547] CPU: 0 PID: 25234 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2611.813186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2611.822559] Call Trace:
[ 2611.825172]  dump_stack+0x188/0x20d
[ 2611.828827]  should_fail.cold+0xa/0x1b
[ 2611.828864] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2611.832741]  ? __es_remove_extent+0x473/0x7d0
[ 2611.832757]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2611.832772]  ? __es_remove_extent+0x473/0x7d0
[ 2611.832788]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2611.832802]  ? kmem_cache_free+0x218/0x260
[ 2611.832822]  __should_failslab+0x115/0x180
[ 2611.832836]  should_failslab+0x5/0xf
[ 2611.832852]  kmem_cache_alloc+0x44/0x710
[ 2611.876797]  ? ext4_es_can_be_merged+0x194/0x290
[ 2611.881579]  __es_insert_extent+0x2ae/0xf20
[ 2611.885928]  ext4_es_insert_extent+0x22e/0x5e0
[ 2611.890542]  ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0
[ 2611.896386]  ext4_map_blocks+0xb68/0x1970
[ 2611.898110] audit: type=1804 audit(1588638813.664:136): pid=25243 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1315/bus" dev="sda1" ino=16130 res=1
[ 2611.900586]  ? ext4_issue_zeroout+0x160/0x160
[ 2611.900617]  ext4_writepages+0x1e5b/0x3450
[ 2611.900649]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2611.900669]  ? mark_held_locks+0xf0/0xf0
[ 2611.900697]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2611.947138]  ? do_writepages+0xf3/0x2a0
[ 2611.951138]  do_writepages+0xf3/0x2a0
[ 2611.954985]  ? page_writeback_cpu_online+0x10/0x10
[ 2611.959943]  ? lock_acquire+0x170/0x400
[ 2611.963942]  ? do_raw_spin_unlock+0x171/0x260
[ 2611.968487]  ? _raw_spin_unlock+0x29/0x40
[ 2611.972665]  __filemap_fdatawrite_range+0x27d/0x350
[ 2611.977705]  ? delete_from_page_cache_batch+0xd00/0xd00
[ 2611.983105]  ? generic_perform_write+0x367/0x4d0
[ 2611.988022]  file_write_and_wait_range+0x93/0x100
[ 2611.992895]  __generic_file_fsync+0x74/0x1f0
[ 2611.997512]  ext4_sync_file+0x818/0x1440
[ 2612.001594]  ? ext4_getfsmap+0x950/0x950
[ 2612.005688]  vfs_fsync_range+0x138/0x220
[ 2612.009778]  ext4_file_write_iter+0x75a/0xf90
[ 2612.014305]  ? do_splice_direct+0x1a8/0x270
[ 2612.018680]  ? do_sendfile+0x549/0xc10
[ 2612.022583]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2612.027267]  ? do_syscall_64+0xf9/0x620
[ 2612.031249]  ? ext4_file_mmap+0x420/0x420
[ 2612.035399]  ? __lock_is_held+0xad/0x140
[ 2612.039489]  do_iter_readv_writev+0x50c/0x790
[ 2612.044010]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2612.048790]  ? selinux_file_permission+0x87/0x520
[ 2612.053681]  ? security_file_permission+0x84/0x220
[ 2612.058627]  do_iter_write+0x185/0x5e0
[ 2612.062516]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2612.072826]  ? __kmalloc+0x5f8/0x770
[ 2612.076571]  ? iter_file_splice_write+0x168/0xb30
[ 2612.081411]  vfs_iter_write+0x70/0xa0
[ 2612.085210]  iter_file_splice_write+0x60c/0xb30
[ 2612.089921]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2612.095225]  ? security_file_permission+0x84/0x220
[ 2612.100176]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2612.105655]  direct_splice_actor+0x115/0x160
[ 2612.110347]  splice_direct_to_actor+0x33f/0x8d0
[ 2612.115019]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2612.119885]  ? do_splice_to+0x160/0x160
[ 2612.123934]  do_splice_direct+0x1a8/0x270
[ 2612.129746]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2612.134597]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2612.139715]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2612.144490]  do_sendfile+0x549/0xc10
[ 2612.148238]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2612.152839]  ? wait_for_completion+0x3c0/0x3c0
[ 2612.157437]  ? vfs_write+0x15b/0x550
[ 2612.161163]  __x64_sys_sendfile64+0x1cc/0x210
[ 2612.165685]  ? __ia32_sys_sendfile+0x220/0x220
[ 2612.170415]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2612.175455]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2612.180250]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2612.185276]  ? do_syscall_64+0x21/0x620
[ 2612.189269]  do_syscall_64+0xf9/0x620
[ 2612.193069]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2612.198255] RIP: 0033:0x45c829
[ 2612.201447] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2612.220357] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2612.228137] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2612.235424] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2612.242750] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2612.250042] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2612.257669] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
[ 2612.303433] Process accounting resumed
00:33:34 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x2, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:34 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100002e000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:34 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x0, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:34 executing program 2 (fault-call:5 fault-nth:16):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:34 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a", 0x31a, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2612.454451] audit: type=1804 audit(1588638814.324:137): pid=25263 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1316/bus" dev="sda1" ino=16087 res=1
[ 2612.468891] FAULT_INJECTION: forcing a failure.
[ 2612.468891] name failslab, interval 1, probability 0, space 0, times 0
00:33:34 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x0, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2612.493648] audit: type=1800 audit(1588638814.324:138): pid=25266 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16215 res=0
[ 2612.516915] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2612.528155] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2612.546316] CPU: 0 PID: 25265 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2612.554270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2612.557449] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2612.563643] Call Trace:
[ 2612.563669]  dump_stack+0x188/0x20d
[ 2612.563690]  should_fail.cold+0xa/0x1b
[ 2612.563706]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2612.563719]  ? should_fail+0x142/0x7bc
[ 2612.563742]  __should_failslab+0x115/0x180
[ 2612.563756]  should_failslab+0x5/0xf
[ 2612.563773]  kmem_cache_alloc+0x44/0x710
[ 2612.592618] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2612.596222]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2612.596241]  ? mempool_alloc+0x340/0x340
[ 2612.596253]  mempool_alloc+0x148/0x340
[ 2612.596270]  ? mempool_destroy+0x30/0x30
[ 2612.615362] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2612.617980]  ? mempool_destroy+0x30/0x30
[ 2612.644127]  ? find_held_lock+0x2d/0x110
[ 2612.648210]  ? __unlock_page_memcg+0x4f/0x100
[ 2612.652805]  bvec_alloc+0xdb/0x2f0
[ 2612.656366]  bio_alloc_bioset+0x437/0x610
[ 2612.660547]  ? bvec_alloc+0x2f0/0x2f0
[ 2612.664431]  ? __test_set_page_writeback+0x4fa/0x1a40
[ 2612.669774]  ext4_bio_write_page+0xc02/0x142d
[ 2612.674312]  mpage_submit_page+0x14b/0x250
[ 2612.678572]  mpage_map_and_submit_buffers+0x48b/0x7c0
[ 2612.683793]  ? mpage_process_page_bufs+0x620/0x620
[ 2612.688753]  ? ext4_issue_zeroout+0x160/0x160
[ 2612.693281]  ext4_writepages+0x1f7a/0x3450
[ 2612.697557]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2612.702334]  ? mark_held_locks+0xf0/0xf0
[ 2612.706458]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2612.711237]  ? do_writepages+0xf3/0x2a0
[ 2612.715225]  do_writepages+0xf3/0x2a0
[ 2612.719057]  ? page_writeback_cpu_online+0x10/0x10
[ 2612.724018]  ? lock_acquire+0x170/0x400
[ 2612.728454]  ? do_raw_spin_unlock+0x171/0x260
[ 2612.733151]  ? _raw_spin_unlock+0x29/0x40
[ 2612.737331]  __filemap_fdatawrite_range+0x27d/0x350
[ 2612.742368]  ? delete_from_page_cache_batch+0xd00/0xd00
[ 2612.747772]  ? generic_perform_write+0x367/0x4d0
[ 2612.752559]  file_write_and_wait_range+0x93/0x100
[ 2612.757530]  __generic_file_fsync+0x74/0x1f0
[ 2612.761979]  ext4_sync_file+0x818/0x1440
[ 2612.766065]  ? ext4_getfsmap+0x950/0x950
[ 2612.770287]  vfs_fsync_range+0x138/0x220
[ 2612.774398]  ext4_file_write_iter+0x75a/0xf90
[ 2612.778918]  ? do_splice_direct+0x1a8/0x270
[ 2612.783261]  ? do_sendfile+0x549/0xc10
[ 2612.787169]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2612.791855]  ? do_syscall_64+0xf9/0x620
[ 2612.796028]  ? ext4_file_mmap+0x420/0x420
[ 2612.800224]  ? __lock_is_held+0xad/0x140
[ 2612.804346]  do_iter_readv_writev+0x50c/0x790
[ 2612.808869]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2612.813648]  ? selinux_file_permission+0x87/0x520
[ 2612.818515]  ? security_file_permission+0x84/0x220
[ 2612.823461]  do_iter_write+0x185/0x5e0
[ 2612.827348]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2612.832371]  ? __kmalloc+0x5f8/0x770
[ 2612.836092]  ? iter_file_splice_write+0x168/0xb30
[ 2612.840996]  vfs_iter_write+0x70/0xa0
[ 2612.844923]  iter_file_splice_write+0x60c/0xb30
[ 2612.847018] audit: type=1804 audit(1588638814.414:139): pid=25280 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1317/bus" dev="sda1" ino=16222 res=1
[ 2612.849615]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2612.849648]  ? security_file_permission+0x84/0x220
[ 2612.849664]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2612.849686]  direct_splice_actor+0x115/0x160
[ 2612.893431]  splice_direct_to_actor+0x33f/0x8d0
[ 2612.898168]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2612.903009]  ? do_splice_to+0x160/0x160
[ 2612.906987]  do_splice_direct+0x1a8/0x270
[ 2612.911138]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2612.916046]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2612.921106]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2612.925869]  do_sendfile+0x549/0xc10
[ 2612.929581]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2612.934160]  ? wait_for_completion+0x3c0/0x3c0
[ 2612.938754]  ? vfs_write+0x15b/0x550
[ 2612.942497]  __x64_sys_sendfile64+0x1cc/0x210
[ 2612.947024]  ? __ia32_sys_sendfile+0x220/0x220
[ 2612.951652]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2612.956732]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2612.961486]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2612.966503]  ? do_syscall_64+0x21/0x620
[ 2612.970488]  do_syscall_64+0xf9/0x620
[ 2612.974377]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2612.979586] RIP: 0033:0x45c829
[ 2612.982866] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
00:33:34 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100002f000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2613.004569] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2613.012469] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2613.019797] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2613.027073] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2613.034338] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2613.041673] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:34 executing program 2 (fault-call:5 fault-nth:17):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:34 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x0, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2613.079999] Process accounting resumed
[ 2613.144213] audit: type=1804 audit(1588638815.014:140): pid=25286 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1318/bus" dev="sda1" ino=16239 res=1
[ 2613.193756] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2613.210595] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2613.236969] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2613.237880] FAULT_INJECTION: forcing a failure.
[ 2613.237880] name failslab, interval 1, probability 0, space 0, times 0
[ 2613.268740] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2613.291856] CPU: 0 PID: 25292 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2613.299799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2613.310126] Call Trace:
[ 2613.312740]  dump_stack+0x188/0x20d
[ 2613.316392]  should_fail.cold+0xa/0x1b
[ 2613.320301]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2613.325426]  ? find_held_lock+0x2d/0x110
[ 2613.329506]  ? blk_queue_enter+0xa53/0xce0
[ 2613.333772]  __should_failslab+0x115/0x180
[ 2613.338036]  should_failslab+0x5/0xf
[ 2613.341790]  kmem_cache_alloc_node+0x55/0x730
[ 2613.347189]  ? lock_downgrade+0x740/0x740
[ 2613.351370]  create_task_io_context+0x2c/0x430
[ 2613.356595]  generic_make_request_checks+0x1bc5/0x2310
[ 2613.361905]  ? trace_event_raw_event_block_rq_requeue+0x5e0/0x5e0
[ 2613.368179]  ? __ext4_handle_dirty_metadata+0x1de/0x580
[ 2613.373611]  ? __brelse+0x84/0xa0
[ 2613.377075]  ? ext4_mark_iloc_dirty+0x1834/0x2c00
[ 2613.381934]  generic_make_request+0x24c/0x12d0
[ 2613.386537]  ? blk_get_request+0x700/0x700
[ 2613.390853]  ? __ext4_journal_get_write_access+0x6c/0xa0
[ 2613.396298]  ? submit_bio+0xb1/0x430
[ 2613.400002]  submit_bio+0xb1/0x430
[ 2613.403555]  ? generic_make_request+0x12d0/0x12d0
[ 2613.408393]  ? lock_downgrade+0x740/0x740
[ 2613.412549]  ext4_io_submit+0x18a/0x220
[ 2613.416517]  ext4_writepages+0x189d/0x3450
[ 2613.420765]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2613.425514]  ? mark_held_locks+0xf0/0xf0
[ 2613.429594]  ? ext4_mark_inode_dirty+0x890/0x890
[ 2613.434351]  ? do_writepages+0xf3/0x2a0
[ 2613.438315]  do_writepages+0xf3/0x2a0
[ 2613.442129]  ? page_writeback_cpu_online+0x10/0x10
[ 2613.447048]  ? lock_acquire+0x170/0x400
[ 2613.451028]  ? do_raw_spin_unlock+0x171/0x260
[ 2613.455571]  ? _raw_spin_unlock+0x29/0x40
[ 2613.459740]  __filemap_fdatawrite_range+0x27d/0x350
[ 2613.464789]  ? delete_from_page_cache_batch+0xd00/0xd00
[ 2613.470213]  ? generic_perform_write+0x367/0x4d0
[ 2613.474976]  file_write_and_wait_range+0x93/0x100
[ 2613.479983]  __generic_file_fsync+0x74/0x1f0
[ 2613.484427]  ext4_sync_file+0x818/0x1440
[ 2613.488552]  ? ext4_getfsmap+0x950/0x950
[ 2613.492697]  vfs_fsync_range+0x138/0x220
[ 2613.496791]  ext4_file_write_iter+0x75a/0xf90
[ 2613.501297]  ? do_splice_direct+0x1a8/0x270
[ 2613.505629]  ? do_sendfile+0x549/0xc10
[ 2613.509539]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2613.514206]  ? do_syscall_64+0xf9/0x620
[ 2613.518195]  ? ext4_file_mmap+0x420/0x420
[ 2613.522342]  ? __lock_is_held+0xad/0x140
[ 2613.526404]  do_iter_readv_writev+0x50c/0x790
[ 2613.530893]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2613.535773]  ? selinux_file_permission+0x87/0x520
[ 2613.540637]  ? security_file_permission+0x84/0x220
[ 2613.545609]  do_iter_write+0x185/0x5e0
[ 2613.549524]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2613.554549]  ? __kmalloc+0x5f8/0x770
[ 2613.558277]  ? iter_file_splice_write+0x168/0xb30
[ 2613.563128]  vfs_iter_write+0x70/0xa0
[ 2613.566933]  iter_file_splice_write+0x60c/0xb30
[ 2613.571611]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2613.576895]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2613.581682]  ? retint_kernel+0x2d/0x2d
[ 2613.585570]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2613.590843]  direct_splice_actor+0x115/0x160
[ 2613.595251]  splice_direct_to_actor+0x33f/0x8d0
[ 2613.599923]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2613.604790]  ? do_splice_to+0x160/0x160
[ 2613.608779]  do_splice_direct+0x1a8/0x270
[ 2613.612922]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2613.617766]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2613.622782]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2613.627555]  do_sendfile+0x549/0xc10
[ 2613.631287]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2613.635874]  ? wait_for_completion+0x3c0/0x3c0
[ 2613.640459]  ? vfs_write+0x15b/0x550
[ 2613.644184]  __x64_sys_sendfile64+0x1cc/0x210
[ 2613.648822]  ? __ia32_sys_sendfile+0x220/0x220
[ 2613.653398]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2613.658458]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2613.663270]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2613.668722]  ? do_syscall_64+0x21/0x620
[ 2613.673382]  do_syscall_64+0xf9/0x620
[ 2613.677205]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2613.682401] RIP: 0033:0x45c829
[ 2613.685677] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2613.704747] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2613.712462] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2613.719731] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2613.727007] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2613.734398] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2613.741689] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:36 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x2100000000)

00:33:36 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:36 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233f", 0x320, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2614.799002] audit: type=1800 audit(1588638816.664:141): pid=25306 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16245 res=0
[ 2614.837367] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2614.855259] audit: type=1804 audit(1588638816.694:142): pid=25305 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1319/bus" dev="sda1" ino=16247 res=1
[ 2614.929801] Process accounting resumed
00:33:37 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100004c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:37 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x2, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:37 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:37 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233f", 0x320, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:37 executing program 2 (fault-call:5 fault-nth:18):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2615.478080] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2615.487520] FAULT_INJECTION: forcing a failure.
[ 2615.487520] name failslab, interval 1, probability 0, space 0, times 0
[ 2615.492231] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2615.499326] audit: type=1800 audit(1588638817.354:143): pid=25334 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16499 res=0
[ 2615.523855] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2615.540465] CPU: 0 PID: 25330 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2615.548383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2615.556167] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2615.557792] Call Trace:
[ 2615.568576]  dump_stack+0x188/0x20d
[ 2615.572227]  should_fail.cold+0xa/0x1b
[ 2615.576832]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2615.581951]  ? __lock_acquire+0x6ee/0x49c0
[ 2615.586247]  __should_failslab+0x115/0x180
[ 2615.588473] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2615.590499]  should_failslab+0x5/0xf
[ 2615.590514]  kmem_cache_alloc+0x44/0x710
[ 2615.590536]  ? mempool_alloc+0x340/0x340
[ 2615.590547]  mempool_alloc+0x148/0x340
[ 2615.590571]  ? mempool_destroy+0x30/0x30
[ 2615.590586]  ? __lock_is_held+0xad/0x140
[ 2615.590611]  bio_alloc_bioset+0x398/0x610
[ 2615.590626]  ? bvec_alloc+0x2f0/0x2f0
[ 2615.590642]  ? __lock_is_held+0xad/0x140
[ 2615.590658]  submit_bh_wbc+0x141/0x760
[ 2615.590679]  __sync_dirty_buffer+0x105/0x2e0
[ 2615.600125] audit: type=1804 audit(1588638817.474:144): pid=25336 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1320/bus" dev="sda1" ino=16513 res=1
[ 2615.602042]  ext4_write_inode+0x43c/0x4d0
[ 2615.602058]  ? __ext4_iget+0x3f00/0x3f00
[ 2615.602087]  __writeback_single_inode+0xc7d/0x12d0
[ 2615.679677]  writeback_single_inode+0x2a1/0x3f0
[ 2615.684378]  sync_inode_metadata+0x93/0xd0
[ 2615.688633]  ? sync_inode+0x20/0x20
[ 2615.692293]  __generic_file_fsync+0x15d/0x1f0
[ 2615.696810]  ext4_sync_file+0x818/0x1440
[ 2615.700894]  ? ext4_getfsmap+0x950/0x950
[ 2615.705094]  vfs_fsync_range+0x138/0x220
[ 2615.709182]  ext4_file_write_iter+0x75a/0xf90
[ 2615.713786]  ? do_splice_direct+0x1a8/0x270
[ 2615.718135]  ? do_sendfile+0x549/0xc10
[ 2615.722072]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2615.726778]  ? do_syscall_64+0xf9/0x620
[ 2615.730781]  ? ext4_file_mmap+0x420/0x420
[ 2615.734956]  ? __lock_is_held+0xad/0x140
[ 2615.739051]  do_iter_readv_writev+0x50c/0x790
[ 2615.743607]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2615.748385]  ? selinux_file_permission+0x87/0x520
[ 2615.753256]  ? security_file_permission+0x84/0x220
[ 2615.758215]  do_iter_write+0x185/0x5e0
[ 2615.762122]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2615.767150]  ? __kmalloc+0x5f8/0x770
[ 2615.770899]  ? iter_file_splice_write+0x168/0xb30
[ 2615.775761]  vfs_iter_write+0x70/0xa0
[ 2615.779588]  iter_file_splice_write+0x60c/0xb30
[ 2615.784397]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2615.789718]  ? security_file_permission+0x84/0x220
[ 2615.794672]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2615.799968]  direct_splice_actor+0x115/0x160
[ 2615.804394]  splice_direct_to_actor+0x33f/0x8d0
[ 2615.809175]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2615.814034]  ? do_splice_to+0x160/0x160
[ 2615.818041]  do_splice_direct+0x1a8/0x270
[ 2615.822211]  ? splice_direct_to_actor+0x8d0/0x8d0
00:33:37 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2615.827084]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2615.832115]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2615.836894]  do_sendfile+0x549/0xc10
[ 2615.840668]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2615.845267]  ? wait_for_completion+0x3c0/0x3c0
[ 2615.849867]  ? vfs_write+0x15b/0x550
[ 2615.853623]  __x64_sys_sendfile64+0x1cc/0x210
[ 2615.858136]  ? __ia32_sys_sendfile+0x220/0x220
[ 2615.862749]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2615.867549]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2615.872588]  ? do_syscall_64+0x21/0x620
[ 2615.876584]  do_syscall_64+0xf9/0x620
[ 2615.880414]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2615.885608] RIP: 0033:0x45c829
[ 2615.888791] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2615.908407] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2615.916111] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2615.923376] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2615.930663] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2615.937927] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2615.945198] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:37 executing program 2 (fault-call:5 fault-nth:19):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:37 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2615.993974] Process accounting resumed
00:33:38 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233f", 0x320, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2616.125028] FAULT_INJECTION: forcing a failure.
[ 2616.125028] name failslab, interval 1, probability 0, space 0, times 0
[ 2616.138421] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2616.138613] CPU: 1 PID: 25356 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2616.155395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2616.164773] Call Trace:
[ 2616.166982] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2616.167386]  dump_stack+0x188/0x20d
[ 2616.180037]  should_fail.cold+0xa/0x1b
[ 2616.184379]  ? __schedule+0x86e/0x1d80
[ 2616.187574] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2616.188287]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2616.202392]  ? __lock_acquire+0x6ee/0x49c0
[ 2616.206624]  __should_failslab+0x115/0x180
[ 2616.210850]  should_failslab+0x5/0xf
[ 2616.214559]  kmem_cache_alloc+0x44/0x710
[ 2616.218674]  ? mempool_alloc+0x340/0x340
[ 2616.222745]  mempool_alloc+0x148/0x340
[ 2616.226612] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2616.234801]  ? mempool_destroy+0x30/0x30
[ 2616.238884]  ? mark_held_locks+0xf0/0xf0
[ 2616.242958]  ? init_wait_var_entry+0x1a0/0x1a0
[ 2616.247569]  bio_alloc_bioset+0x398/0x610
[ 2616.251746]  ? bvec_alloc+0x2f0/0x2f0
[ 2616.255566]  ? __lock_is_held+0xad/0x140
[ 2616.259653]  submit_bh_wbc+0x141/0x760
[ 2616.263565]  write_dirty_buffer+0xaf/0x130
[ 2616.267818]  sync_mapping_buffers+0x387/0xad0
[ 2616.272341]  ? write_dirty_buffer+0x130/0x130
[ 2616.276857]  ? _atomic_dec_and_lock_irqsave+0x240/0x240
[ 2616.282228]  ? lock_downgrade+0x740/0x740
[ 2616.286385]  ? iput+0xc8/0x840
[ 2616.289579]  ext4_sync_file+0xd4e/0x1440
[ 2616.293639]  ? ext4_getfsmap+0x950/0x950
[ 2616.297711]  vfs_fsync_range+0x138/0x220
[ 2616.301785]  ext4_file_write_iter+0x75a/0xf90
[ 2616.306277]  ? do_splice_direct+0x1a8/0x270
[ 2616.310604]  ? do_sendfile+0x549/0xc10
[ 2616.314494]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2616.319171]  ? do_syscall_64+0xf9/0x620
[ 2616.323162]  ? ext4_file_mmap+0x420/0x420
[ 2616.327413]  ? __lock_is_held+0xad/0x140
[ 2616.331498]  do_iter_readv_writev+0x50c/0x790
[ 2616.336016]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2616.340783]  ? selinux_file_permission+0x87/0x520
[ 2616.345648]  ? security_file_permission+0x84/0x220
[ 2616.350606]  do_iter_write+0x185/0x5e0
[ 2616.354504]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2616.359527]  ? __kmalloc+0x5f8/0x770
[ 2616.363252]  ? iter_file_splice_write+0x168/0xb30
[ 2616.368131]  vfs_iter_write+0x70/0xa0
[ 2616.371938]  iter_file_splice_write+0x60c/0xb30
[ 2616.376613]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2616.381913]  ? security_file_permission+0x84/0x220
[ 2616.386874]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2616.392149]  direct_splice_actor+0x115/0x160
[ 2616.396568]  splice_direct_to_actor+0x33f/0x8d0
[ 2616.401254]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2616.406109]  ? do_splice_to+0x160/0x160
[ 2616.410124]  do_splice_direct+0x1a8/0x270
[ 2616.414307]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2616.419438]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2616.424448]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2616.429220]  do_sendfile+0x549/0xc10
[ 2616.432962]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2616.437592]  ? wait_for_completion+0x3c0/0x3c0
[ 2616.442263]  ? vfs_write+0x15b/0x550
[ 2616.446088]  __x64_sys_sendfile64+0x1cc/0x210
[ 2616.450581]  ? __ia32_sys_sendfile+0x220/0x220
[ 2616.455212]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2616.460291]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2616.465103]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2616.470250]  ? do_syscall_64+0x21/0x620
[ 2616.474225]  do_syscall_64+0xf9/0x620
[ 2616.478028]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2616.483312] RIP: 0033:0x45c829
[ 2616.486504] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2616.505416] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2616.513208] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2616.520484] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2616.527764] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2616.535030] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2616.542569] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
[ 2616.629645] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2616.709687] Process accounting resumed
00:33:39 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x400000000000)

00:33:39 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:39 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100036c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:39 executing program 2 (fault-call:5 fault-nth:20):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2617.827784] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2617.847714] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2617.858307] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2617.874188] kauditd_printk_skb: 2 callbacks suppressed
[ 2617.874201] audit: type=1804 audit(1588638819.744:147): pid=25379 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1322/bus" dev="sda1" ino=16610 res=1
[ 2617.877607] FAULT_INJECTION: forcing a failure.
[ 2617.877607] name failslab, interval 1, probability 0, space 0, times 0
[ 2617.916295] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2617.936940] CPU: 1 PID: 25381 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2617.944907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2617.954265] Call Trace:
[ 2617.956878]  dump_stack+0x188/0x20d
[ 2617.960549]  should_fail.cold+0xa/0x1b
[ 2617.964455]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2617.969573]  ? __lock_acquire+0x6ee/0x49c0
[ 2617.973836]  __should_failslab+0x115/0x180
[ 2617.978098]  should_failslab+0x5/0xf
[ 2617.981913]  kmem_cache_alloc+0x44/0x710
[ 2617.985999]  ? mempool_alloc+0x340/0x340
[ 2617.990077]  mempool_alloc+0x148/0x340
[ 2617.993986]  ? mempool_destroy+0x30/0x30
[ 2617.998065]  ? __lock_is_held+0xad/0x140
[ 2618.002163]  bio_alloc_bioset+0x398/0x610
[ 2618.006327]  ? bvec_alloc+0x2f0/0x2f0
[ 2618.010136]  ? __lock_is_held+0xad/0x140
[ 2618.014211]  submit_bh_wbc+0x141/0x760
[ 2618.018121]  __sync_dirty_buffer+0x105/0x2e0
[ 2618.022547]  ext4_write_inode+0x43c/0x4d0
[ 2618.026703]  ? __ext4_iget+0x3f00/0x3f00
[ 2618.030762]  __writeback_single_inode+0xc7d/0x12d0
[ 2618.035687]  writeback_single_inode+0x2a1/0x3f0
[ 2618.040391]  sync_inode_metadata+0x93/0xd0
[ 2618.044616]  ? sync_inode+0x20/0x20
[ 2618.048304]  ? iput+0xc8/0x840
[ 2618.051494]  ext4_sync_file+0xd75/0x1440
[ 2618.055689]  ? ext4_getfsmap+0x950/0x950
[ 2618.059761]  vfs_fsync_range+0x138/0x220
[ 2618.063817]  ext4_file_write_iter+0x75a/0xf90
[ 2618.068324]  ? do_splice_direct+0x1a8/0x270
[ 2618.072647]  ? do_sendfile+0x549/0xc10
[ 2618.076550]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2618.081299]  ? do_syscall_64+0xf9/0x620
[ 2618.085265]  ? ext4_file_mmap+0x420/0x420
[ 2618.089515]  ? __lock_is_held+0xad/0x140
[ 2618.093593]  do_iter_readv_writev+0x50c/0x790
[ 2618.098104]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2618.102925]  ? selinux_file_permission+0x87/0x520
[ 2618.107781]  ? security_file_permission+0x84/0x220
[ 2618.112715]  do_iter_write+0x185/0x5e0
[ 2618.116625]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2618.121644]  ? __kmalloc+0x5f8/0x770
[ 2618.125352]  ? iter_file_splice_write+0x168/0xb30
[ 2618.130198]  vfs_iter_write+0x70/0xa0
[ 2618.134014]  iter_file_splice_write+0x60c/0xb30
[ 2618.138769]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2618.144049]  ? security_file_permission+0x84/0x220
[ 2618.150997]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2618.156284]  direct_splice_actor+0x115/0x160
[ 2618.160773]  splice_direct_to_actor+0x33f/0x8d0
[ 2618.165462]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2618.170317]  ? do_splice_to+0x160/0x160
[ 2618.174309]  do_splice_direct+0x1a8/0x270
[ 2618.178499]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2618.183460]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2618.188619]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2618.193392]  do_sendfile+0x549/0xc10
[ 2618.197107]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2618.201680]  ? wait_for_completion+0x3c0/0x3c0
[ 2618.206254]  ? vfs_write+0x15b/0x550
[ 2618.209976]  __x64_sys_sendfile64+0x1cc/0x210
[ 2618.214474]  ? __ia32_sys_sendfile+0x220/0x220
[ 2618.219050]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2618.224190]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2618.228949]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2618.233972]  ? do_syscall_64+0x21/0x620
[ 2618.237957]  do_syscall_64+0xf9/0x620
[ 2618.241762]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2618.247032] RIP: 0033:0x45c829
[ 2618.250225] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2618.269195] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2618.276917] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2618.284183] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2618.291467] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2618.298732] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2618.305995] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:40 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(0x0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:40 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259", 0x323, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:40 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100046c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:40 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:40 executing program 2 (fault-call:5 fault-nth:21):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2618.486375] audit: type=1800 audit(1588638820.354:148): pid=25398 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16547 res=0
[ 2618.502867] FAULT_INJECTION: forcing a failure.
[ 2618.502867] name failslab, interval 1, probability 0, space 0, times 0
[ 2618.529465] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2618.535442] CPU: 1 PID: 25401 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2618.545025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2618.554399] Call Trace:
[ 2618.557009]  dump_stack+0x188/0x20d
[ 2618.560662]  should_fail.cold+0xa/0x1b
[ 2618.564576]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2618.569714]  ? __schedule+0x86e/0x1d80
[ 2618.573664]  __should_failslab+0x115/0x180
[ 2618.577925]  should_failslab+0x5/0xf
[ 2618.581665]  kmem_cache_alloc+0x44/0x710
[ 2618.585844]  ? mempool_alloc+0x340/0x340
[ 2618.586657] audit: type=1804 audit(1588638820.394:149): pid=25402 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1323/bus" dev="sda1" ino=16626 res=1
[ 2618.589924]  mempool_alloc+0x148/0x340
[ 2618.589944]  ? mempool_destroy+0x30/0x30
[ 2618.589961]  ? mark_held_locks+0xf0/0xf0
[ 2618.589983]  bio_alloc_bioset+0x398/0x610
[ 2618.590001]  ? bvec_alloc+0x2f0/0x2f0
[ 2618.633847]  ? __lock_is_held+0xad/0x140
[ 2618.638028]  submit_bh_wbc+0x141/0x760
[ 2618.641938]  write_dirty_buffer+0xaf/0x130
[ 2618.646205]  sync_mapping_buffers+0x387/0xad0
[ 2618.650738]  ? write_dirty_buffer+0x130/0x130
[ 2618.652543] audit: type=1804 audit(1588638820.404:150): pid=25398 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1297/file0" dev="sda1" ino=16547 res=1
[ 2618.655257]  ? _atomic_dec_and_lock_irqsave+0x240/0x240
[ 2618.655275]  ? lock_downgrade+0x740/0x740
[ 2618.655295]  ? iput+0xc8/0x840
[ 2618.655316]  ext4_sync_file+0xd4e/0x1440
[ 2618.695707]  ? ext4_getfsmap+0x950/0x950
[ 2618.699788]  vfs_fsync_range+0x138/0x220
[ 2618.703866]  ext4_file_write_iter+0x75a/0xf90
[ 2618.708382]  ? do_splice_direct+0x1a8/0x270
[ 2618.712712]  ? do_sendfile+0x549/0xc10
[ 2618.716736]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2618.721413]  ? do_syscall_64+0xf9/0x620
[ 2618.725402]  ? ext4_file_mmap+0x420/0x420
[ 2618.729560]  ? __lock_is_held+0xad/0x140
[ 2618.733647]  do_iter_readv_writev+0x50c/0x790
[ 2618.738176]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2618.742950]  ? selinux_file_permission+0x87/0x520
[ 2618.747812]  ? security_file_permission+0x84/0x220
[ 2618.752762]  do_iter_write+0x185/0x5e0
[ 2618.756681]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2618.761728]  ? __kmalloc+0x5f8/0x770
[ 2618.765457]  ? iter_file_splice_write+0x168/0xb30
[ 2618.770321]  vfs_iter_write+0x70/0xa0
[ 2618.774137]  iter_file_splice_write+0x60c/0xb30
[ 2618.778855]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2618.784181]  ? security_file_permission+0x84/0x220
[ 2618.789133]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2618.794452]  direct_splice_actor+0x115/0x160
[ 2618.798898]  splice_direct_to_actor+0x33f/0x8d0
[ 2618.803599]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2618.808455]  ? do_splice_to+0x160/0x160
[ 2618.812446]  do_splice_direct+0x1a8/0x270
[ 2618.816688]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2618.821545]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2618.826585]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2618.831357]  do_sendfile+0x549/0xc10
[ 2618.835101]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2618.839698]  ? wait_for_completion+0x3c0/0x3c0
[ 2618.844298]  ? vfs_write+0x15b/0x550
[ 2618.848053]  __x64_sys_sendfile64+0x1cc/0x210
[ 2618.852572]  ? __ia32_sys_sendfile+0x220/0x220
[ 2618.857172]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2618.862201]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2618.866964]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2618.872000]  ? do_syscall_64+0x21/0x620
[ 2618.875988]  do_syscall_64+0xf9/0x620
[ 2618.879941]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2618.885136] RIP: 0033:0x45c829
[ 2618.888328] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2618.907241] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2618.914963] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2618.922332] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2618.929610] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2618.936889] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2618.944260] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:40 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2619.012837] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2619.023374] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2619.052235] Process accounting resumed
00:33:40 executing program 2 (fault-call:5 fault-nth:22):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:40 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259", 0x323, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2619.065484] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2619.103996] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2619.134757] audit: type=1804 audit(1588638821.004:151): pid=25416 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1324/bus" dev="sda1" ino=16530 res=1
[ 2619.172360] FAULT_INJECTION: forcing a failure.
[ 2619.172360] name failslab, interval 1, probability 0, space 0, times 0
[ 2619.212474] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2619.226009] CPU: 1 PID: 25419 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2619.233947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2619.243323] Call Trace:
[ 2619.244323] audit: type=1800 audit(1588638821.064:152): pid=25423 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16754 res=0
[ 2619.245933]  dump_stack+0x188/0x20d
[ 2619.245957]  should_fail.cold+0xa/0x1b
[ 2619.245978]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2619.278301]  ? __schedule+0x86e/0x1d80
[ 2619.282220]  __should_failslab+0x115/0x180
[ 2619.286481]  should_failslab+0x5/0xf
[ 2619.290381]  kmem_cache_alloc+0x44/0x710
[ 2619.294480]  ? mempool_alloc+0x340/0x340
[ 2619.298560]  mempool_alloc+0x148/0x340
[ 2619.302482]  ? mempool_destroy+0x30/0x30
[ 2619.306571]  ? mark_held_locks+0xf0/0xf0
[ 2619.310662]  bio_alloc_bioset+0x398/0x610
[ 2619.314831]  ? bvec_alloc+0x2f0/0x2f0
[ 2619.318652]  ? __lock_is_held+0xad/0x140
[ 2619.322738]  submit_bh_wbc+0x141/0x760
[ 2619.326648]  write_dirty_buffer+0xaf/0x130
[ 2619.330905]  sync_mapping_buffers+0x387/0xad0
[ 2619.335425]  ? write_dirty_buffer+0x130/0x130
[ 2619.340031]  ? _atomic_dec_and_lock_irqsave+0x240/0x240
[ 2619.345413]  ? lock_downgrade+0x740/0x740
[ 2619.349586]  ? iput+0xc8/0x840
[ 2619.352803]  ext4_sync_file+0xd4e/0x1440
[ 2619.356977]  ? ext4_getfsmap+0x950/0x950
[ 2619.361058]  vfs_fsync_range+0x138/0x220
[ 2619.365169]  ext4_file_write_iter+0x75a/0xf90
[ 2619.369689]  ? do_splice_direct+0x1a8/0x270
[ 2619.374025]  ? do_sendfile+0x549/0xc10
[ 2619.377930]  ? __x64_sys_sendfile64+0x1cc/0x210
[ 2619.382623]  ? do_syscall_64+0xf9/0x620
[ 2619.386617]  ? ext4_file_mmap+0x420/0x420
[ 2619.390785]  ? __lock_is_held+0xad/0x140
[ 2619.394883]  do_iter_readv_writev+0x50c/0x790
[ 2619.399385]  ? vfs_dedupe_file_range+0x6d0/0x6d0
[ 2619.404148]  ? selinux_file_permission+0x87/0x520
[ 2619.408996]  ? security_file_permission+0x84/0x220
[ 2619.414066]  do_iter_write+0x185/0x5e0
[ 2619.417968]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2619.423004]  ? __kmalloc+0x5f8/0x770
[ 2619.426755]  ? iter_file_splice_write+0x168/0xb30
[ 2619.431612]  vfs_iter_write+0x70/0xa0
[ 2619.435407]  iter_file_splice_write+0x60c/0xb30
[ 2619.440080]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2619.445505]  ? security_file_permission+0x84/0x220
[ 2619.450435]  ? page_cache_pipe_buf_release+0x280/0x280
[ 2619.455721]  direct_splice_actor+0x115/0x160
[ 2619.460144]  splice_direct_to_actor+0x33f/0x8d0
[ 2619.464815]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2619.469657]  ? do_splice_to+0x160/0x160
[ 2619.473629]  do_splice_direct+0x1a8/0x270
[ 2619.477780]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2619.482627]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2619.487640]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2619.492441]  do_sendfile+0x549/0xc10
[ 2619.496182]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2619.500773]  ? wait_for_completion+0x3c0/0x3c0
[ 2619.505354]  ? vfs_write+0x15b/0x550
[ 2619.509074]  __x64_sys_sendfile64+0x1cc/0x210
[ 2619.513577]  ? __ia32_sys_sendfile+0x220/0x220
[ 2619.518166]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2619.523186]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2619.527939]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2619.533127]  ? do_syscall_64+0x21/0x620
[ 2619.537103]  do_syscall_64+0xf9/0x620
[ 2619.540910]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2619.546097] RIP: 0033:0x45c829
[ 2619.549282] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2619.568187] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2619.575907] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2619.583174] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2619.590435] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2619.597707] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2619.604988] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
[ 2619.631776] Process accounting resumed
00:33:42 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x790000000000)

00:33:42 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100056c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:42 executing program 2 (fault-call:5 fault-nth:23):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:42 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, 0x0, 0x0)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2620.893324] FAULT_INJECTION: forcing a failure.
[ 2620.893324] name failslab, interval 1, probability 0, space 0, times 0
[ 2620.908851] CPU: 0 PID: 25438 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2620.916776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2620.926146] Call Trace:
[ 2620.928751]  dump_stack+0x188/0x20d
[ 2620.932391]  should_fail.cold+0xa/0x1b
[ 2620.936299]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2620.941672]  ? __lock_is_held+0xad/0x140
[ 2620.945761]  __should_failslab+0x115/0x180
[ 2620.950008]  should_failslab+0x5/0xf
[ 2620.953726]  kmem_cache_alloc_node_trace+0x272/0x750
[ 2620.958853]  __kmalloc_node+0x38/0x70
[ 2620.962668]  kvmalloc_node+0x61/0xf0
[ 2620.966395]  iov_iter_get_pages_alloc+0x55a/0x1090
[ 2620.971338]  ? debug_check_no_obj_freed+0x20a/0x42e
[ 2620.976419]  ? iov_iter_revert+0xa30/0xa30
[ 2620.980670]  ? debug_check_no_obj_freed+0x20a/0x42e
[ 2620.985705]  ? iov_iter_pipe+0xb4/0x2c0
[ 2620.989693]  default_file_splice_read+0x19c/0x970
[ 2620.994556]  ? check_preemption_disabled+0x41/0x280
[ 2620.999633]  ? trace_hardirqs_off+0x50/0x200
[ 2621.004072]  ? iter_file_splice_write+0xb30/0xb30
[ 2621.008949]  ? mark_held_locks+0xa6/0xf0
[ 2621.013028]  ? iter_file_splice_write+0x516/0xb30
[ 2621.017879]  ? lockdep_hardirqs_on+0x40b/0x5d0
[ 2621.022472]  ? iter_file_splice_write+0x558/0xb30
[ 2621.027327]  ? fsnotify+0x8ba/0xf00
[ 2621.030964]  ? fsnotify_first_mark+0x200/0x200
[ 2621.035557]  ? __inode_security_revalidate+0xd3/0x120
[ 2621.040766]  ? security_file_permission+0x1c0/0x220
[ 2621.045795]  ? security_file_permission+0x84/0x220
[ 2621.050741]  ? rw_verify_area+0x10c/0x330
[ 2621.054894]  ? iter_file_splice_write+0xb30/0xb30
[ 2621.059744]  do_splice_to+0x10e/0x160
[ 2621.063741]  splice_direct_to_actor+0x2b9/0x8d0
[ 2621.068430]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2621.073283]  ? do_splice_to+0x160/0x160
[ 2621.077272]  do_splice_direct+0x1a8/0x270
[ 2621.081431]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2621.086293]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2621.091318]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2621.096093]  do_sendfile+0x549/0xc10
[ 2621.099823]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2621.104436]  ? wait_for_completion+0x3c0/0x3c0
[ 2621.109062]  ? vfs_write+0x15b/0x550
[ 2621.112818]  __x64_sys_sendfile64+0x1cc/0x210
[ 2621.117360]  ? __ia32_sys_sendfile+0x220/0x220
[ 2621.121968]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2621.127019]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2621.131813]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2621.136841]  ? do_syscall_64+0x21/0x620
[ 2621.140823]  do_syscall_64+0xf9/0x620
[ 2621.144633]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2621.149829] RIP: 0033:0x45c829
[ 2621.153038] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2621.171952] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2621.179695] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2621.186975] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2621.194262] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2621.201556] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2621.208839] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
[ 2621.216879] audit: type=1804 audit(1588638822.784:153): pid=25441 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1325/bus" dev="sda1" ino=16851 res=1
[ 2621.314959] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2621.350622] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2621.366885] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2621.386983] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:43 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(0x0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:43 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259", 0x323, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:43 executing program 2 (fault-call:5 fault-nth:24):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:43 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, 0x0, 0x0)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:43 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100066c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2621.493257] audit: type=1800 audit(1588638823.364:154): pid=25459 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16254 res=0
[ 2621.543293] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2621.550068] FAULT_INJECTION: forcing a failure.
[ 2621.550068] name failslab, interval 1, probability 0, space 0, times 0
[ 2621.584421] audit: type=1804 audit(1588638823.384:155): pid=25461 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1326/bus" dev="sda1" ino=16674 res=1
[ 2621.610779] CPU: 0 PID: 25462 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2621.621263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2621.630988] Call Trace:
[ 2621.634304]  dump_stack+0x188/0x20d
[ 2621.637957]  should_fail.cold+0xa/0x1b
[ 2621.641867]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2621.646994]  ? __lock_is_held+0xad/0x140
[ 2621.651089]  __should_failslab+0x115/0x180
[ 2621.655344]  should_failslab+0x5/0xf
[ 2621.659162]  kmem_cache_alloc_node_trace+0x272/0x750
[ 2621.664296]  __kmalloc_node+0x38/0x70
[ 2621.668131]  kvmalloc_node+0x61/0xf0
[ 2621.671865]  iov_iter_get_pages_alloc+0x55a/0x1090
[ 2621.676908]  ? debug_check_no_obj_freed+0x20a/0x42e
[ 2621.680313] Process accounting resumed
[ 2621.681944]  ? iov_iter_revert+0xa30/0xa30
[ 2621.681959]  ? debug_check_no_obj_freed+0x20a/0x42e
[ 2621.681976]  ? iov_iter_pipe+0xb4/0x2c0
[ 2621.681995]  default_file_splice_read+0x19c/0x970
[ 2621.682017]  ? check_preemption_disabled+0x41/0x280
[ 2621.708974]  ? trace_hardirqs_off+0x50/0x200
[ 2621.713440]  ? iter_file_splice_write+0xb30/0xb30
[ 2621.718305]  ? mark_held_locks+0xa6/0xf0
[ 2621.722382]  ? iter_file_splice_write+0x516/0xb30
[ 2621.727251]  ? lockdep_hardirqs_on+0x40b/0x5d0
[ 2621.731848]  ? iter_file_splice_write+0x558/0xb30
[ 2621.736701]  ? fsnotify+0x8ba/0xf00
[ 2621.740347]  ? fsnotify_first_mark+0x200/0x200
[ 2621.745055]  ? __inode_security_revalidate+0xd3/0x120
[ 2621.750281]  ? security_file_permission+0x1c0/0x220
[ 2621.755327]  ? security_file_permission+0x84/0x220
[ 2621.760276]  ? rw_verify_area+0x10c/0x330
[ 2621.764446]  ? iter_file_splice_write+0xb30/0xb30
[ 2621.769310]  do_splice_to+0x10e/0x160
[ 2621.773155]  splice_direct_to_actor+0x2b9/0x8d0
[ 2621.777848]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2621.782709]  ? do_splice_to+0x160/0x160
[ 2621.786704]  do_splice_direct+0x1a8/0x270
[ 2621.790881]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2621.795746]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2621.800780]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2621.805575]  do_sendfile+0x549/0xc10
[ 2621.809330]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2621.813930]  ? wait_for_completion+0x3c0/0x3c0
[ 2621.818525]  ? vfs_write+0x15b/0x550
[ 2621.822251]  __x64_sys_sendfile64+0x1cc/0x210
[ 2621.826759]  ? __ia32_sys_sendfile+0x220/0x220
[ 2621.831344]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2621.836383]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2621.841169]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2621.846214]  ? do_syscall_64+0x21/0x620
[ 2621.850210]  do_syscall_64+0xf9/0x620
[ 2621.854050]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2621.859254] RIP: 0033:0x45c829
[ 2621.862456] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2621.881989] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2621.889731] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2621.897012] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2621.904313] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2621.911596] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2621.918883] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:43 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, 0x0, 0x0)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2621.945692] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2621.977602] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:33:43 executing program 2 (fault-call:5 fault-nth:25):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2622.044148] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:33:43 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078", 0x325, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2622.074829] audit: type=1804 audit(1588638823.944:156): pid=25480 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1327/bus" dev="sda1" ino=16674 res=1
[ 2622.134706] FAULT_INJECTION: forcing a failure.
[ 2622.134706] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2622.148240] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2622.152718] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2622.221054] CPU: 0 PID: 25482 Comm: syz-executor.2 Not tainted 4.19.120-syzkaller #0
[ 2622.229846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2622.229932] Process accounting resumed
[ 2622.239215] Call Trace:
[ 2622.239246]  dump_stack+0x188/0x20d
[ 2622.239265]  should_fail.cold+0xa/0x1b
[ 2622.239280]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2622.239303]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2622.239321]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2622.239340]  ? __lock_is_held+0xad/0x140
[ 2622.272300]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2622.277341]  alloc_pages_current+0xff/0x200
[ 2622.281702]  push_pipe+0x3f6/0x780
[ 2622.285258]  iov_iter_get_pages_alloc+0x5a9/0x1090
[ 2622.290327]  ? debug_check_no_obj_freed+0x20a/0x42e
[ 2622.295381]  ? iov_iter_revert+0xa30/0xa30
[ 2622.299623]  ? debug_check_no_obj_freed+0x20a/0x42e
[ 2622.304667]  ? iov_iter_pipe+0xb4/0x2c0
[ 2622.308660]  default_file_splice_read+0x19c/0x970
[ 2622.313529]  ? check_preemption_disabled+0x41/0x280
[ 2622.318689]  ? trace_hardirqs_off+0x50/0x200
[ 2622.323207]  ? iter_file_splice_write+0xb30/0xb30
[ 2622.328066]  ? mark_held_locks+0xa6/0xf0
[ 2622.332138]  ? iter_file_splice_write+0x516/0xb30
[ 2622.336992]  ? lockdep_hardirqs_on+0x40b/0x5d0
[ 2622.341678]  ? iter_file_splice_write+0x558/0xb30
[ 2622.346534]  ? fsnotify+0x8ba/0xf00
[ 2622.350173]  ? fsnotify_first_mark+0x200/0x200
[ 2622.354984]  ? __inode_security_revalidate+0xd3/0x120
[ 2622.360221]  ? security_file_permission+0x1c0/0x220
[ 2622.365273]  ? security_file_permission+0x84/0x220
[ 2622.370238]  ? rw_verify_area+0x10c/0x330
[ 2622.374404]  ? iter_file_splice_write+0xb30/0xb30
[ 2622.380395]  do_splice_to+0x10e/0x160
[ 2622.384215]  splice_direct_to_actor+0x2b9/0x8d0
[ 2622.388908]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2622.393763]  ? do_splice_to+0x160/0x160
[ 2622.397770]  do_splice_direct+0x1a8/0x270
[ 2622.401934]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2622.406808]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 2622.411855]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 2622.416623]  do_sendfile+0x549/0xc10
[ 2622.420349]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2622.424939]  ? wait_for_completion+0x3c0/0x3c0
[ 2622.429529]  ? vfs_write+0x15b/0x550
[ 2622.433251]  __x64_sys_sendfile64+0x1cc/0x210
[ 2622.437764]  ? __ia32_sys_sendfile+0x220/0x220
[ 2622.442377]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2622.447430]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2622.452199]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2622.457250]  ? do_syscall_64+0x21/0x620
[ 2622.461233]  do_syscall_64+0xf9/0x620
[ 2622.465043]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2622.470236] RIP: 0033:0x45c829
[ 2622.473429] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2622.492334] RSP: 002b:00007f74b8b75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2622.500054] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2622.507343] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2622.514625] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2622.521903] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000007
[ 2622.529194] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f74b8b766d4
00:33:45 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x7fffffffefff)

00:33:45 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280), 0x0)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:45 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100076c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:45 executing program 2 (fault-call:5 fault-nth:26):
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2623.944176] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2623.972660] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2623.993054] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2624.008334] kauditd_printk_skb: 1 callbacks suppressed
[ 2624.008348] audit: type=1804 audit(1588638825.884:158): pid=25507 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1328/bus" dev="sda1" ino=17091 res=1
[ 2624.078081] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:46 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:33:46 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100096c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:46 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078", 0x325, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:46 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280), 0x0)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:46 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(0x0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[ 2624.608495] audit: type=1800 audit(1588638826.474:159): pid=25529 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17093 res=0
[ 2624.645080] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2624.667065] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2624.677242] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2624.694525] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:33:46 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x2)

[ 2624.706158] audit: type=1804 audit(1588638826.504:160): pid=25528 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1329/bus" dev="sda1" ino=17092 res=1
[ 2624.732509] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2624.760392] Process accounting resumed
00:33:46 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280), 0x0)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:46 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078", 0x325, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2624.932261] audit: type=1800 audit(1588638826.804:161): pid=25550 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17082 res=0
[ 2624.975933] audit: type=1804 audit(1588638826.834:162): pid=25549 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1330/bus" dev="sda1" ino=17059 res=1
[ 2625.008891] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2625.069594] Process accounting resumed
00:33:48 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x7ffffffff000)

00:33:48 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601000a6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:48 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x3)

00:33:48 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933", 0x2)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:48 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2627.027052] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2627.038977] audit: type=1804 audit(1588638828.914:163): pid=25568 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1331/bus" dev="sda1" ino=17114 res=1
[ 2627.078433] MINIX-fs: bad superblock or unable to read bitmaps
[ 2627.088961] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2627.133172] audit: type=1800 audit(1588638828.944:164): pid=25566 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17154 res=0
[ 2627.155383] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2627.188704] audit: type=1804 audit(1588638828.974:165): pid=25566 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1303/file0" dev="sda1" ino=17154 res=1
[ 2627.193838] Process accounting resumed
[ 2627.215015] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:49 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:49 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x4)

00:33:49 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933", 0x2)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:49 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:49 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100226c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2627.644837] audit: type=1800 audit(1588638829.514:166): pid=25600 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17114 res=0
[ 2627.682177] audit: type=1804 audit(1588638829.544:167): pid=25598 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1332/bus" dev="sda1" ino=17115 res=1
[ 2627.698922] MINIX-fs: bad superblock or unable to read bitmaps
[ 2627.716671] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:33:49 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933", 0x2)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2627.738768] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2627.754274] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:33:49 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x5)

[ 2627.803067] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2627.864804] Process accounting resumed
00:33:51 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xb90000000000)

00:33:51 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:51 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100236c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:51 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x6)

00:33:51 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb", 0x3)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2630.061516] kauditd_printk_skb: 2 callbacks suppressed
[ 2630.061530] audit: type=1804 audit(1588638831.934:170): pid=25630 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1334/bus" dev="sda1" ino=17113 res=1
[ 2630.117695] MINIX-fs: bad superblock or unable to read bitmaps
[ 2630.133080] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2630.160996] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2630.169921] audit: type=1800 audit(1588638831.974:171): pid=25632 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17234 res=0
[ 2630.175405] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2630.207003] audit: type=1804 audit(1588638832.074:172): pid=25645 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1305/file0" dev="sda1" ino=17234 res=1
[ 2630.263357] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2630.291530] Process accounting resumed
00:33:52 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:52 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x7)

00:33:52 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb", 0x3)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:52 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:52 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601002c6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2630.684738] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2630.694726] audit: type=1800 audit(1588638832.574:173): pid=25666 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17124 res=0
[ 2630.709598] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2630.769535] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2630.770277] audit: type=1804 audit(1588638832.604:174): pid=25667 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1335/bus" dev="sda1" ino=17120 res=1
[ 2630.826783] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2630.838034] Process accounting resumed
00:33:52 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:52 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x8)

[ 2630.856384] audit: type=1804 audit(1588638832.634:175): pid=25666 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1306/file0" dev="sda1" ino=17124 res=1
[ 2630.886869] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2630.939646] audit: type=1800 audit(1588638832.804:176): pid=25683 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17116 res=0
[ 2630.966077] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2631.015804] audit: type=1804 audit(1588638832.884:177): pid=25683 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1307/file0" dev="sda1" ino=17116 res=1
[ 2631.062374] Process accounting resumed
00:33:54 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x30740000000000)

00:33:54 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb", 0x3)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:54 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601002d6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:33:54 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x9)

00:33:54 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2633.151435] audit: type=1800 audit(1588638835.024:178): pid=25701 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17477 res=0
[ 2633.185500] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2633.194939] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2633.216397] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2633.228965] audit: type=1804 audit(1588638835.094:179): pid=25706 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1336/bus" dev="sda1" ino=17480 res=1
[ 2633.283629] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2633.306315] Process accounting resumed
[ 2633.347615] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:55 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe4, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:55 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xa)

00:33:55 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:55 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:55 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100486c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2633.738930] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2633.777063] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:33:55 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:55 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xb)

[ 2633.817597] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2633.858156] Process accounting resumed
[ 2633.889595] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2633.934507] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:33:58 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xa0730000000000)

00:33:58 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:58 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:58 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xc)

00:33:58 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601004c6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2636.239175] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2636.239850] kauditd_printk_skb: 5 callbacks suppressed
[ 2636.239864] audit: type=1804 audit(1588638838.114:185): pid=25768 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1339/bus" dev="sda1" ino=17492 res=1
[ 2636.252988] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2636.301679] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2636.311393] audit: type=1800 audit(1588638838.144:186): pid=25772 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17496 res=0
[ 2636.318682] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2636.366343] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2636.393389] audit: type=1804 audit(1588638838.264:187): pid=25772 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1310/file0" dev="sda1" ino=17496 res=1
[ 2636.449168] Process accounting resumed
00:33:58 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:33:58 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xd)

00:33:58 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, 0x0, 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:33:58 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{0x0, 0x0, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:33:58 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100606c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2636.780195] audit: type=1800 audit(1588638838.654:188): pid=25801 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17488 res=0
00:33:58 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xe)

[ 2636.818394] audit: type=1804 audit(1588638838.684:189): pid=25802 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1340/bus" dev="sda1" ino=17492 res=1
[ 2636.851742] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2636.894706] audit: type=1804 audit(1588638838.764:190): pid=25801 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1311/file0" dev="sda1" ino=17488 res=1
00:33:58 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, 0x0, 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2636.945175] Process accounting resumed
[ 2636.952947] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2636.995027] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2637.026697] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2637.058977] audit: type=1804 audit(1588638838.924:191): pid=25820 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1341/bus" dev="sda1" ino=17085 res=1
[ 2637.069624] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:01 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xb0530000000000)

00:34:01 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040), 0x0, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:01 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x55)

00:34:01 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, 0x0, 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:01 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100686c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2639.284858] audit: type=1800 audit(1588638841.154:192): pid=25833 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17501 res=0
[ 2639.319444] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2639.329033] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2639.367051] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2639.404375] audit: type=1804 audit(1588638841.194:193): pid=25838 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1342/bus" dev="sda1" ino=17504 res=1
[ 2639.428461] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2639.454361] Process accounting resumed
[ 2639.462195] audit: type=1804 audit(1588638841.304:194): pid=25848 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1312/file0" dev="sda1" ino=17501 res=1
[ 2639.499580] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:01 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:01 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xaa)

00:34:01 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:01 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040), 0x0, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:01 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601006c6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2639.834764] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2639.848482] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2639.858531] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2639.869207] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2639.870941] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:01 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:01 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x154)

[ 2639.997358] Process accounting resumed
00:34:04 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xf0ffffff7f0000)

00:34:04 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100746c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:04 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040), 0x0, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:04 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x1a9)

00:34:04 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2642.308698] kauditd_printk_skb: 4 callbacks suppressed
[ 2642.308710] audit: type=1800 audit(1588638844.174:199): pid=25897 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16024 res=0
[ 2642.345613] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2642.360994] audit: type=1804 audit(1588638844.234:200): pid=25898 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1345/bus" dev="sda1" ino=16146 res=1
[ 2642.411231] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2642.417763] audit: type=1804 audit(1588638844.274:201): pid=25897 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1314/file0" dev="sda1" ino=16024 res=1
[ 2642.438014] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2642.483387] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2642.507786] Process accounting resumed
[ 2642.530259] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:04 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:04 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x1fe)

00:34:04 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(0x0, 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:04 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000", 0x9, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:04 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601007a6c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2642.836376] audit: type=1800 audit(1588638844.704:202): pid=25932 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16177 res=0
[ 2642.863572] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
00:34:04 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x253)

[ 2642.878175] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:34:04 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(0x0, 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2642.921117] audit: type=1804 audit(1588638844.764:203): pid=25932 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1315/file0" dev="sda1" ino=16177 res=1
[ 2642.953551] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2642.993050] Process accounting resumed
[ 2643.003288] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2643.068704] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:07 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x100000000000000)

00:34:07 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000", 0x9, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:07 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x300)

00:34:07 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601000075000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:07 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(0x0, 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2645.404261] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2645.416691] audit: type=1800 audit(1588638847.284:204): pid=25970 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16357 res=0
[ 2645.418916] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2645.451127] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2645.469088] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2645.491331] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2645.522435] audit: type=1804 audit(1588638847.394:205): pid=25980 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1316/file0" dev="sda1" ino=16357 res=1
[ 2645.572839] Process accounting resumed
00:34:07 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:07 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x3f7)

00:34:07 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0xffffffff010)

00:34:07 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000", 0x9, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:07 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100000a000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2645.878200] audit: type=1800 audit(1588638847.744:206): pid=25997 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16401 res=0
[ 2645.898748] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2645.921318] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2645.923486] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
00:34:07 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x402)

00:34:07 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0xffffffff010)

[ 2645.958692] audit: type=1804 audit(1588638847.784:207): pid=25995 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1349/bus" dev="sda1" ino=16393 res=1
[ 2645.963590] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2646.033674] Process accounting resumed
[ 2646.091103] audit: type=1804 audit(1588638847.874:208): pid=25997 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1317/file0" dev="sda1" ino=16401 res=1
[ 2646.123033] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:10 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xe00000000000000)

00:34:10 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a00000000010000", 0xe, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:10 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x403)

00:34:10 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601000025000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:10 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0xffffffff010)

[ 2648.398117] kauditd_printk_skb: 1 callbacks suppressed
[ 2648.398129] audit: type=1800 audit(1588638850.264:210): pid=26022 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16329 res=0
[ 2648.438674] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2648.455777] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2648.480285] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2648.492331] audit: type=1804 audit(1588638850.364:211): pid=26033 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1351/bus" dev="sda1" ino=16609 res=1
[ 2648.505305] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2648.555818] audit: type=1804 audit(1588638850.394:212): pid=26046 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1318/file0" dev="sda1" ino=16329 res=1
[ 2648.608458] Process accounting resumed
[ 2648.624016] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:10 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:10 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x404)

00:34:10 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, 0xffffffffffffffff, 0x0, 0xffffffff010)

00:34:10 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a00000000010000", 0xe, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:10 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100002e000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2648.913706] audit: type=1800 audit(1588638850.784:213): pid=26061 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16484 res=0
[ 2648.917907] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2648.962727] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2648.985680] audit: type=1804 audit(1588638850.824:214): pid=26065 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1352/bus" dev="sda1" ino=16498 res=1
00:34:10 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, 0xffffffffffffffff, 0x0, 0xffffffff010)

00:34:10 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x405)

[ 2648.998853] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2649.065257] audit: type=1804 audit(1588638850.904:215): pid=26077 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1319/file0" dev="sda1" ino=16484 res=1
[ 2649.067555] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2649.108246] audit: type=1804 audit(1588638850.974:216): pid=26079 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1353/bus" dev="sda1" ino=16290 res=1
[ 2649.157534] Process accounting resumed
[ 2649.157859] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:13 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x3f00000000000000)

00:34:13 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a00000000010000", 0xe, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:13 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, 0xffffffffffffffff, 0x0, 0xffffffff010)

00:34:13 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x406)

00:34:13 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100002f000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2651.497323] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2651.503461] audit: type=1804 audit(1588638853.364:217): pid=26094 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1354/bus" dev="sda1" ino=16644 res=1
[ 2651.512085] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2651.551005] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2651.580242] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2651.592530] audit: type=1800 audit(1588638853.424:218): pid=26099 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16673 res=0
[ 2651.628566] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2651.674898] audit: type=1804 audit(1588638853.544:219): pid=26115 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1320/file0" dev="sda1" ino=16673 res=1
[ 2651.747480] Process accounting resumed
00:34:13 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:13 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x407)

00:34:13 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x0)

00:34:13 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100004c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:13 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c9", 0x10, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2651.982396] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2651.991889] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:34:13 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x0)

00:34:13 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x408)

[ 2652.038489] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2652.093346] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2652.107773] Process accounting resumed
[ 2652.120837] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:16 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e601000075000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:16 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x8000000000000000)

00:34:16 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c9", 0x10, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:16 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x409)

00:34:16 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x0)

[ 2654.597630] kauditd_printk_skb: 4 callbacks suppressed
[ 2654.597643] audit: type=1800 audit(1588638856.464:224): pid=26153 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16898 res=0
[ 2654.624967] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2654.639610] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2654.643316] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2654.664254] audit: type=1804 audit(1588638856.534:225): pid=26159 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1357/bus" dev="sda1" ino=16947 res=1
[ 2654.686338] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2654.717813] audit: type=1804 audit(1588638856.584:226): pid=26153 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1322/file0" dev="sda1" ino=16898 res=1
[ 2654.726184] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2654.784664] Process accounting resumed
00:34:16 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:16 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x40a)

00:34:16 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c9", 0x10, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:16 executing program 0:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:16 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000340000000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:16 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x40d)

[ 2655.002686] audit: type=1800 audit(1588638856.874:227): pid=26190 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16803 res=0
[ 2655.025403] EXT4-fs (loop4): fragment/cluster size (2048) != block size (1024)
[ 2655.032345] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
00:34:16 executing program 0:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x2)

00:34:17 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000001770000000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2655.096248] audit: type=1800 audit(1588638856.924:228): pid=26191 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16868 res=0
[ 2655.127892] audit: type=1804 audit(1588638856.994:229): pid=26205 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1323/file0" dev="sda1" ino=16803 res=1
[ 2655.207879] Process accounting resumed
[ 2655.234932] EXT4-fs (loop4): fragment/cluster size (2048) != block size (1024)
00:34:19 executing program 0:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000340000000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:19 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xfeffffff00000000)

00:34:19 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f", 0x11, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:19 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x40f)

[ 2657.604255] audit: type=1800 audit(1588638859.474:230): pid=26226 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16834 res=0
[ 2657.635014] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2657.701439] audit: type=1804 audit(1588638859.574:231): pid=26226 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1324/file0" dev="sda1" ino=16834 res=1
[ 2657.752140] Process accounting resumed
00:34:19 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:19 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c020000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:19 executing program 0:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540", 0x30d, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:19 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x410)

00:34:19 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f", 0x11, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:19 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x448)

[ 2658.017209] audit: type=1800 audit(1588638859.884:232): pid=26251 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=17025 res=0
[ 2658.062659] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2658.071479] audit: type=1800 audit(1588638859.924:233): pid=26252 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17122 res=0
00:34:20 executing program 0:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540", 0x30d, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2658.131003] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2658.142377] Process accounting resumed
[ 2658.166722] Process accounting resumed
00:34:20 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x44c)

00:34:20 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f", 0x11, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2658.172773] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2658.207438] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2658.265261] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2658.276380] Process accounting resumed
[ 2658.329575] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2658.423967] Process accounting resumed
00:34:22 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xffefffffff7f0000)

00:34:22 executing program 0:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540", 0x30d, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:22 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c030000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2660.657121] kauditd_printk_skb: 6 callbacks suppressed
[ 2660.657133] audit: type=1800 audit(1588638862.524:240): pid=26292 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16346 res=0
[ 2660.697736] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2660.723519] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2660.724345] Process accounting resumed
[ 2660.741795] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2660.747243] audit: type=1804 audit(1588638862.554:241): pid=26292 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1363/file0" dev="sda1" ino=16346 res=1
[ 2660.777109] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:22 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:22 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x44e)

00:34:22 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:22 executing program 0 (fault-call:7 fault-nth:0):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:22 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c040000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2661.060728] audit: type=1800 audit(1588638862.934:242): pid=26314 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17105 res=0
[ 2661.087674] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2661.099275] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2661.108716] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2661.117214] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2661.120897] FAULT_INJECTION: forcing a failure.
[ 2661.120897] name failslab, interval 1, probability 0, space 0, times 0
[ 2661.126582] audit: type=1804 audit(1588638862.994:243): pid=26315 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1364/bus" dev="sda1" ino=17128 res=1
[ 2661.147183] CPU: 1 PID: 26315 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2661.169313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2661.174701] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2661.178700] Call Trace:
[ 2661.189477]  dump_stack+0x188/0x20d
[ 2661.193117]  should_fail.cold+0xa/0x1b
[ 2661.197043]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2661.202181]  __should_failslab+0x115/0x180
[ 2661.206446]  should_failslab+0x5/0xf
[ 2661.210181]  kmem_cache_alloc_trace+0x2c6/0x7a0
[ 2661.214870]  ? inode_has_perm.isra.0+0x175/0x210
[ 2661.219663]  ? file_has_perm+0x23f/0x330
[ 2661.223728]  alloc_pipe_info+0xb8/0x410
[ 2661.227727]  splice_direct_to_actor+0x6df/0x8d0
[ 2661.232586]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2661.237449]  ? selinux_file_permission+0x87/0x520
[ 2661.242289]  ? do_splice_to+0x160/0x160
[ 2661.246271]  ? security_file_permission+0x84/0x220
[ 2661.251313]  do_splice_direct+0x1a8/0x270
[ 2661.255557]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2661.260659]  ? security_file_permission+0x84/0x220
[ 2661.265605]  do_sendfile+0x549/0xc10
[ 2661.269367]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2661.273949]  ? wait_for_completion+0x3c0/0x3c0
[ 2661.278527]  ? vfs_write+0x15b/0x550
[ 2661.282237]  __x64_sys_sendfile64+0x1cc/0x210
[ 2661.286847]  ? __ia32_sys_sendfile+0x220/0x220
[ 2661.291556]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2661.296578]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2661.301398]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2661.306429]  ? do_syscall_64+0x21/0x620
[ 2661.310412]  do_syscall_64+0xf9/0x620
[ 2661.314208]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2661.319401] RIP: 0033:0x45c829
[ 2661.322632] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2661.341557] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2661.349289] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2661.356650] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2661.364037] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2661.371393] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
[ 2661.378678] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
00:34:23 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x468)

[ 2661.398646] audit: type=1804 audit(1588638863.264:244): pid=26328 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1327/file0" dev="sda1" ino=17105 res=1
00:34:23 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2661.461340] Process accounting resumed
00:34:23 executing program 0 (fault-call:7 fault-nth:1):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:23 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c050000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2661.559914] audit: type=1800 audit(1588638863.434:245): pid=26339 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17010 res=0
[ 2661.604235] audit: type=1804 audit(1588638863.474:246): pid=26340 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1365/bus" dev="sda1" ino=16317 res=1
[ 2661.625275] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2661.646570] FAULT_INJECTION: forcing a failure.
[ 2661.646570] name failslab, interval 1, probability 0, space 0, times 0
[ 2661.665491] CPU: 1 PID: 26340 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2661.673412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2661.682772] Call Trace:
[ 2661.685373]  dump_stack+0x188/0x20d
[ 2661.689024]  should_fail.cold+0xa/0x1b
[ 2661.692923]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2661.698045]  __should_failslab+0x115/0x180
[ 2661.702285]  should_failslab+0x5/0xf
[ 2661.706001]  __kmalloc+0x2d3/0x770
[ 2661.709564]  ? kmem_cache_alloc_trace+0x342/0x7a0
[ 2661.714411]  ? alloc_pipe_info+0x18e/0x410
[ 2661.718654]  ? file_has_perm+0x23f/0x330
[ 2661.722723]  alloc_pipe_info+0x18e/0x410
[ 2661.726798]  splice_direct_to_actor+0x6df/0x8d0
[ 2661.731475]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2661.736354]  ? selinux_file_permission+0x87/0x520
[ 2661.741227]  ? do_splice_to+0x160/0x160
[ 2661.745225]  ? security_file_permission+0x84/0x220
[ 2661.750168]  do_splice_direct+0x1a8/0x270
[ 2661.754328]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2661.759188]  ? security_file_permission+0x84/0x220
[ 2661.764137]  do_sendfile+0x549/0xc10
[ 2661.767866]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2661.772461]  ? wait_for_completion+0x3c0/0x3c0
[ 2661.777057]  ? vfs_write+0x15b/0x550
[ 2661.780784]  __x64_sys_sendfile64+0x1cc/0x210
[ 2661.785303]  ? __ia32_sys_sendfile+0x220/0x220
[ 2661.789889]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2661.794929]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2661.799697]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2661.804731]  ? do_syscall_64+0x21/0x620
[ 2661.808722]  do_syscall_64+0xf9/0x620
[ 2661.812565]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2661.817773] RIP: 0033:0x45c829
[ 2661.820980] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2661.840854] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2661.848583] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2661.855882] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2661.863164] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2661.870445] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
[ 2661.877732] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
[ 2661.900281] audit: type=1804 audit(1588638863.774:247): pid=26347 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1328/file0" dev="sda1" ino=17010 res=1
[ 2661.948043] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2661.959602] Process accounting resumed
[ 2661.978080] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2661.988534] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2662.010044] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:25 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:25 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x46c)

00:34:25 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0xffffffff00000000)

[ 2663.685726] audit: type=1800 audit(1588638865.554:248): pid=26359 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16349 res=0
[ 2663.697591] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1.
[ 2663.779946] audit: type=1804 audit(1588638865.654:249): pid=26359 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1329/file0" dev="sda1" ino=16349 res=1
[ 2663.797056] Process accounting resumed
00:34:25 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000480)}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:25 executing program 0 (fault-call:7 fault-nth:2):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:25 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c060000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:25 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x474)

00:34:25 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(0x0)
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2664.120073] FAULT_INJECTION: forcing a failure.
[ 2664.120073] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2664.132395] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2664.150045] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2664.159578] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:34:26 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x47a)

[ 2664.168753] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2664.191495] CPU: 1 PID: 26384 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2664.199442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2664.208805] Call Trace:
[ 2664.211427]  dump_stack+0x188/0x20d
[ 2664.215099]  should_fail.cold+0xa/0x1b
[ 2664.219010]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2664.224152]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2664.228847]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2664.233889]  ? find_held_lock+0x2d/0x110
[ 2664.237969]  ? __do_page_cache_readahead+0x3a8/0x6b0
[ 2664.243102]  alloc_pages_current+0xff/0x200
[ 2664.247441]  __page_cache_alloc+0x2ba/0x450
[ 2664.251814]  __do_page_cache_readahead+0x1ac/0x6b0
[ 2664.256767]  ? read_pages+0x610/0x610
[ 2664.260589]  ? check_preemption_disabled+0x41/0x280
[ 2664.265626]  ondemand_readahead+0x54d/0xcf0
[ 2664.269972]  page_cache_sync_readahead+0x27b/0x520
[ 2664.274922]  generic_file_read_iter+0x185b/0x2900
[ 2664.279784]  ? kasan_kmalloc+0xbf/0xe0
[ 2664.283691]  ? splice_direct_to_actor+0x6df/0x8d0
[ 2664.288546]  ? do_splice_direct+0x1a8/0x270
[ 2664.292889]  ? filemap_range_has_page+0x360/0x360
[ 2664.297745]  ? mark_held_locks+0xf0/0xf0
[ 2664.301821]  ? check_preemption_disabled+0x41/0x280
[ 2664.306863]  ? avc_has_perm+0x384/0x5b0
[ 2664.310888]  ext4_file_read_iter+0x17b/0x3a0
[ 2664.315316]  generic_file_splice_read+0x3fa/0x6d0
[ 2664.320187]  ? add_to_pipe+0x360/0x360
[ 2664.324112]  ? security_file_permission+0x84/0x220
[ 2664.327843] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2664.329054]  ? add_to_pipe+0x360/0x360
[ 2664.329076]  do_splice_to+0x10e/0x160
[ 2664.329095]  splice_direct_to_actor+0x2b9/0x8d0
[ 2664.329114]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2664.329131]  ? do_splice_to+0x160/0x160
[ 2664.329150]  do_splice_direct+0x1a8/0x270
[ 2664.362638]  ? splice_direct_to_actor+0x8d0/0x8d0
00:34:26 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x487)

[ 2664.367504]  ? security_file_permission+0x84/0x220
[ 2664.372457]  do_sendfile+0x549/0xc10
[ 2664.376200]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2664.380807]  ? wait_for_completion+0x3c0/0x3c0
[ 2664.385408]  ? vfs_write+0x15b/0x550
[ 2664.389145]  __x64_sys_sendfile64+0x1cc/0x210
[ 2664.393677]  ? __ia32_sys_sendfile+0x220/0x220
[ 2664.398274]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2664.403332]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2664.408108]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2664.413142]  ? do_syscall_64+0x21/0x620
[ 2664.417134]  do_syscall_64+0xf9/0x620
[ 2664.420975]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2664.426179] RIP: 0033:0x45c829
[ 2664.429383] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2664.448305] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2664.456035] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2664.463404] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2664.470689] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2664.477980] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
[ 2664.485265] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
00:34:26 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c070000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:26 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x4a1)

00:34:26 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(0x0)
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2664.681626] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2664.733109] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2664.759989] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2664.773940] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2664.784841] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:28 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
r1 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='batadv0\x00', 0x10)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x800, @remote, 0x3}, 0x1c)
ptrace$setregs(0xf, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:28 executing program 0 (fault-call:7 fault-nth:3):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2666.766707] kauditd_printk_skb: 3 callbacks suppressed
[ 2666.766722] audit: type=1804 audit(1588638868.634:253): pid=26430 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1367/bus" dev="sda1" ino=17136 res=1
[ 2666.767046] FAULT_INJECTION: forcing a failure.
[ 2666.767046] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2666.808730] CPU: 0 PID: 26430 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2666.816639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2666.826005] Call Trace:
[ 2666.828623]  dump_stack+0x188/0x20d
[ 2666.832281]  should_fail.cold+0xa/0x1b
[ 2666.836293]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2666.841423]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2666.846123]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2666.851165]  ? find_held_lock+0x2d/0x110
[ 2666.855252]  ? __do_page_cache_readahead+0x3a8/0x6b0
[ 2666.860494]  alloc_pages_current+0xff/0x200
[ 2666.865145]  __page_cache_alloc+0x2ba/0x450
[ 2666.869494]  __do_page_cache_readahead+0x1ac/0x6b0
[ 2666.874449]  ? read_pages+0x610/0x610
[ 2666.878273]  ? check_preemption_disabled+0x41/0x280
[ 2666.883330]  ondemand_readahead+0x54d/0xcf0
[ 2666.887677]  page_cache_sync_readahead+0x27b/0x520
[ 2666.892606]  generic_file_read_iter+0x185b/0x2900
[ 2666.897446]  ? kasan_kmalloc+0xbf/0xe0
[ 2666.901336]  ? splice_direct_to_actor+0x6df/0x8d0
[ 2666.906179]  ? do_splice_direct+0x1a8/0x270
[ 2666.910535]  ? filemap_range_has_page+0x360/0x360
[ 2666.915448]  ? mark_held_locks+0xf0/0xf0
[ 2666.919657]  ? check_preemption_disabled+0x41/0x280
[ 2666.924685]  ? avc_has_perm+0x384/0x5b0
[ 2666.928713]  ext4_file_read_iter+0x17b/0x3a0
[ 2666.933141]  generic_file_splice_read+0x3fa/0x6d0
[ 2666.937978]  ? add_to_pipe+0x360/0x360
[ 2666.941885]  ? security_file_permission+0x84/0x220
[ 2666.946825]  ? add_to_pipe+0x360/0x360
[ 2666.950728]  do_splice_to+0x10e/0x160
[ 2666.954542]  splice_direct_to_actor+0x2b9/0x8d0
[ 2666.959341]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2666.964202]  ? do_splice_to+0x160/0x160
[ 2666.968181]  do_splice_direct+0x1a8/0x270
[ 2666.972333]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2666.977193]  ? security_file_permission+0x84/0x220
[ 2666.982144]  do_sendfile+0x549/0xc10
[ 2666.985872]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2666.990465]  ? wait_for_completion+0x3c0/0x3c0
[ 2666.995142]  ? vfs_write+0x15b/0x550
[ 2666.998854]  __x64_sys_sendfile64+0x1cc/0x210
[ 2667.003348]  ? __ia32_sys_sendfile+0x220/0x220
[ 2667.007922]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2667.012987]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2667.017740]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2667.022769]  ? do_syscall_64+0x21/0x620
[ 2667.026743]  do_syscall_64+0xf9/0x620
[ 2667.030562]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2667.035768] RIP: 0033:0x45c829
[ 2667.039393] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2667.058305] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
00:34:29 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x4c0)

00:34:29 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(0x0)
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

00:34:29 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000480)}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:29 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c080000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2667.066008] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2667.073290] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2667.080584] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2667.087863] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
[ 2667.095132] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
00:34:29 executing program 0 (fault-call:7 fault-nth:4):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2667.193909] audit: type=1800 audit(1588638869.064:254): pid=26442 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17409 res=0
[ 2667.214382] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2667.233233] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2667.259680] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2667.284266] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:34:29 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x500)

00:34:29 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(0x0, 0x0)

[ 2667.334369] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2667.349624] audit: type=1804 audit(1588638869.214:255): pid=26456 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1368/bus" dev="sda1" ino=17136 res=1
[ 2667.392648] FAULT_INJECTION: forcing a failure.
[ 2667.392648] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2667.423676] CPU: 0 PID: 26456 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2667.431619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2667.440994] Call Trace:
[ 2667.443623]  dump_stack+0x188/0x20d
[ 2667.447284]  should_fail.cold+0xa/0x1b
[ 2667.451201]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2667.456349]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2667.461046]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2667.466087]  ? find_held_lock+0x2d/0x110
[ 2667.470173]  ? __do_page_cache_readahead+0x3a8/0x6b0
[ 2667.475308]  alloc_pages_current+0xff/0x200
[ 2667.479662]  __page_cache_alloc+0x2ba/0x450
[ 2667.484018]  __do_page_cache_readahead+0x1ac/0x6b0
[ 2667.488980]  ? read_pages+0x610/0x610
[ 2667.492808]  ? check_preemption_disabled+0x41/0x280
[ 2667.497941]  ondemand_readahead+0x54d/0xcf0
[ 2667.502290]  page_cache_sync_readahead+0x27b/0x520
[ 2667.507247]  generic_file_read_iter+0x185b/0x2900
[ 2667.512117]  ? kasan_kmalloc+0xbf/0xe0
[ 2667.516028]  ? splice_direct_to_actor+0x6df/0x8d0
[ 2667.520889]  ? do_splice_direct+0x1a8/0x270
[ 2667.525244]  ? filemap_range_has_page+0x360/0x360
[ 2667.530112]  ? mark_held_locks+0xf0/0xf0
[ 2667.534202]  ? check_preemption_disabled+0x41/0x280
[ 2667.539258]  ? avc_has_perm+0x384/0x5b0
[ 2667.543274]  ext4_file_read_iter+0x17b/0x3a0
[ 2667.547716]  generic_file_splice_read+0x3fa/0x6d0
[ 2667.552625]  ? add_to_pipe+0x360/0x360
[ 2667.556363] audit: type=1800 audit(1588638869.424:256): pid=26465 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17377 res=0
[ 2667.556632]  ? security_file_permission+0x84/0x220
[ 2667.556651]  ? add_to_pipe+0x360/0x360
[ 2667.556665]  do_splice_to+0x10e/0x160
[ 2667.556683]  splice_direct_to_actor+0x2b9/0x8d0
[ 2667.593731]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2667.598596]  ? do_splice_to+0x160/0x160
[ 2667.602601]  do_splice_direct+0x1a8/0x270
[ 2667.606783]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2667.611660]  ? security_file_permission+0x84/0x220
[ 2667.616623]  do_sendfile+0x549/0xc10
[ 2667.620363]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2667.624963]  ? wait_for_completion+0x3c0/0x3c0
[ 2667.629573]  ? vfs_write+0x15b/0x550
[ 2667.633342]  __x64_sys_sendfile64+0x1cc/0x210
[ 2667.637860]  ? __ia32_sys_sendfile+0x220/0x220
[ 2667.642461]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2667.647518]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2667.652471]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2667.656089] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2667.657512]  ? do_syscall_64+0x21/0x620
[ 2667.657532]  do_syscall_64+0xf9/0x620
[ 2667.657552]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2667.657569] RIP: 0033:0x45c829
[ 2667.681378] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2667.700471] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2667.708200] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2667.715499] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2667.722795] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2667.730109] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
00:34:29 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x600)

00:34:29 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c090000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2667.737401] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
00:34:29 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(0x0, 0x0)

[ 2667.794826] Process accounting resumed
[ 2667.877089] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2667.898255] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2667.920715] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2667.937510] audit: type=1800 audit(1588638869.804:257): pid=26488 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17190 res=0
[ 2667.969847] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2667.980586] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2668.065367] Process accounting resumed
00:34:31 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x900)

00:34:31 executing program 0 (fault-call:7 fault-nth:5):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:31 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c0a0000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:31 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0xb)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x1)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[ 2669.805311] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2669.833678] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2669.853776] audit: type=1804 audit(1588638871.724:258): pid=26509 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1369/bus" dev="sda1" ino=17514 res=1
[ 2669.854380] FAULT_INJECTION: forcing a failure.
[ 2669.854380] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2669.884438] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2669.909282] CPU: 1 PID: 26509 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2669.917221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2669.926600] Call Trace:
[ 2669.929215]  dump_stack+0x188/0x20d
[ 2669.932895]  should_fail.cold+0xa/0x1b
[ 2669.936802]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2669.941940]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2669.946662]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2669.951711]  ? find_held_lock+0x2d/0x110
[ 2669.955842]  ? __do_page_cache_readahead+0x3a8/0x6b0
[ 2669.961076]  alloc_pages_current+0xff/0x200
[ 2669.965454]  __page_cache_alloc+0x2ba/0x450
[ 2669.969824]  __do_page_cache_readahead+0x1ac/0x6b0
[ 2669.974787]  ? read_pages+0x610/0x610
[ 2669.978606]  ? check_preemption_disabled+0x41/0x280
[ 2669.983648]  ondemand_readahead+0x54d/0xcf0
[ 2669.988033]  page_cache_sync_readahead+0x27b/0x520
[ 2669.992989]  generic_file_read_iter+0x185b/0x2900
[ 2669.998098]  ? kasan_kmalloc+0xbf/0xe0
[ 2670.001996]  ? splice_direct_to_actor+0x6df/0x8d0
[ 2670.006965]  ? do_splice_direct+0x1a8/0x270
[ 2670.011305]  ? filemap_range_has_page+0x360/0x360
[ 2670.016158]  ? mark_held_locks+0xf0/0xf0
[ 2670.020225]  ? check_preemption_disabled+0x41/0x280
[ 2670.025393]  ? avc_has_perm+0x384/0x5b0
[ 2670.029408]  ext4_file_read_iter+0x17b/0x3a0
[ 2670.033826]  generic_file_splice_read+0x3fa/0x6d0
[ 2670.038765]  ? add_to_pipe+0x360/0x360
[ 2670.042669]  ? security_file_permission+0x84/0x220
[ 2670.047619]  ? add_to_pipe+0x360/0x360
[ 2670.051557]  do_splice_to+0x10e/0x160
[ 2670.055384]  splice_direct_to_actor+0x2b9/0x8d0
[ 2670.060091]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2670.064944]  ? do_splice_to+0x160/0x160
[ 2670.068935]  do_splice_direct+0x1a8/0x270
[ 2670.073090]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2670.077986]  ? security_file_permission+0x84/0x220
[ 2670.082980]  do_sendfile+0x549/0xc10
[ 2670.086716]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2670.091323]  ? wait_for_completion+0x3c0/0x3c0
[ 2670.096044]  ? vfs_write+0x15b/0x550
[ 2670.099766]  __x64_sys_sendfile64+0x1cc/0x210
[ 2670.104273]  ? __ia32_sys_sendfile+0x220/0x220
[ 2670.108856]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2670.113894]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2670.118685]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2670.123744]  ? do_syscall_64+0x21/0x620
[ 2670.127857]  do_syscall_64+0xf9/0x620
[ 2670.131675]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2670.136889] RIP: 0033:0x45c829
[ 2670.140085] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2670.159001] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2670.166714] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2670.173999] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2670.181322] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2670.188621] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
[ 2670.195887] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
00:34:32 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000480)}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:32 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(0x0, 0x0)

00:34:32 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xa00)

[ 2670.210264] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:32 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c0c0000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:32 executing program 0 (fault-call:7 fault-nth:6):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2670.313960] audit: type=1800 audit(1588638872.184:259): pid=26526 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16367 res=0
00:34:32 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xe00)

[ 2670.364282] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2670.465903] Process accounting resumed
[ 2670.479020] audit: type=1804 audit(1588638872.344:260): pid=26540 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1370/bus" dev="sda1" ino=17512 res=1
[ 2670.508537] FAULT_INJECTION: forcing a failure.
[ 2670.508537] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2670.533220] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2670.549218] CPU: 0 PID: 26540 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2670.557156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2670.566562] Call Trace:
[ 2670.569187]  dump_stack+0x188/0x20d
[ 2670.572845]  should_fail.cold+0xa/0x1b
[ 2670.576612] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2670.576951]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2670.576979]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2670.576998]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2670.592495] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2670.595843]  ? find_held_lock+0x2d/0x110
00:34:32 executing program 1 (fault-call:3 fault-nth:0):
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2670.595860]  ? __do_page_cache_readahead+0x3a8/0x6b0
[ 2670.595881]  alloc_pages_current+0xff/0x200
[ 2670.614815] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2670.619007]  __page_cache_alloc+0x2ba/0x450
[ 2670.619028]  __do_page_cache_readahead+0x1ac/0x6b0
[ 2670.619046]  ? read_pages+0x610/0x610
[ 2670.644603]  ? check_preemption_disabled+0x41/0x280
[ 2670.649645]  ondemand_readahead+0x54d/0xcf0
[ 2670.653994]  page_cache_sync_readahead+0x27b/0x520
[ 2670.658946]  generic_file_read_iter+0x185b/0x2900
[ 2670.663842]  ? kasan_kmalloc+0xbf/0xe0
[ 2670.667754]  ? splice_direct_to_actor+0x6df/0x8d0
[ 2670.672589]  ? do_splice_direct+0x1a8/0x270
[ 2670.676917]  ? filemap_range_has_page+0x360/0x360
[ 2670.681756]  ? mark_held_locks+0xf0/0xf0
[ 2670.685811]  ? check_preemption_disabled+0x41/0x280
[ 2670.690821]  ? avc_has_perm+0x384/0x5b0
[ 2670.694793]  ext4_file_read_iter+0x17b/0x3a0
[ 2670.699230]  generic_file_splice_read+0x3fa/0x6d0
[ 2670.704085]  ? add_to_pipe+0x360/0x360
[ 2670.708352]  ? security_file_permission+0x84/0x220
[ 2670.713270]  ? add_to_pipe+0x360/0x360
[ 2670.717265]  do_splice_to+0x10e/0x160
[ 2670.721064]  splice_direct_to_actor+0x2b9/0x8d0
[ 2670.725746]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2670.730600]  ? do_splice_to+0x160/0x160
[ 2670.734704]  do_splice_direct+0x1a8/0x270
[ 2670.738861]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2670.743760]  ? security_file_permission+0x84/0x220
[ 2670.748744]  do_sendfile+0x549/0xc10
[ 2670.752458]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2670.757037]  ? wait_for_completion+0x3c0/0x3c0
[ 2670.761625]  ? vfs_write+0x15b/0x550
[ 2670.765342]  __x64_sys_sendfile64+0x1cc/0x210
[ 2670.769842]  ? __ia32_sys_sendfile+0x220/0x220
[ 2670.774445]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2670.779512]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2670.784281]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2670.789429]  ? do_syscall_64+0x21/0x620
[ 2670.793449]  do_syscall_64+0xf9/0x620
[ 2670.797264]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2670.802452] RIP: 0033:0x45c829
[ 2670.805651] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2670.824637] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2670.832346] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2670.839623] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2670.846963] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2670.854240] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
00:34:32 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xf00)

[ 2670.861568] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
00:34:32 executing program 0 (fault-call:7 fault-nth:7):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:32 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c220000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2671.025365] audit: type=1804 audit(1588638872.894:261): pid=26554 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1371/bus" dev="sda1" ino=17441 res=1
[ 2671.026176] FAULT_INJECTION: forcing a failure.
[ 2671.026176] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2671.075927] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2671.089023] CPU: 0 PID: 26554 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2671.091906] audit: type=1800 audit(1588638872.924:262): pid=26556 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17473 res=0
[ 2671.096941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
00:34:33 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x1200)

[ 2671.096947] Call Trace:
[ 2671.096971]  dump_stack+0x188/0x20d
[ 2671.096993]  should_fail.cold+0xa/0x1b
[ 2671.136480]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2671.141613]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2671.146304]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2671.151345]  ? find_held_lock+0x2d/0x110
[ 2671.155423]  ? __do_page_cache_readahead+0x3a8/0x6b0
[ 2671.160545]  alloc_pages_current+0xff/0x200
[ 2671.162995] FAULT_INJECTION: forcing a failure.
[ 2671.162995] name failslab, interval 1, probability 0, space 0, times 0
[ 2671.164887]  __page_cache_alloc+0x2ba/0x450
[ 2671.164918]  __do_page_cache_readahead+0x1ac/0x6b0
[ 2671.185384]  ? read_pages+0x610/0x610
[ 2671.189206]  ? check_preemption_disabled+0x41/0x280
[ 2671.194363]  ondemand_readahead+0x54d/0xcf0
[ 2671.198714]  page_cache_sync_readahead+0x27b/0x520
[ 2671.203674]  generic_file_read_iter+0x185b/0x2900
[ 2671.208537]  ? kasan_kmalloc+0xbf/0xe0
[ 2671.212433]  ? splice_direct_to_actor+0x6df/0x8d0
[ 2671.217285]  ? do_splice_direct+0x1a8/0x270
[ 2671.221637]  ? filemap_range_has_page+0x360/0x360
[ 2671.226669]  ? mark_held_locks+0xf0/0xf0
[ 2671.230749]  ? check_preemption_disabled+0x41/0x280
[ 2671.235789]  ? avc_has_perm+0x384/0x5b0
[ 2671.239783]  ext4_file_read_iter+0x17b/0x3a0
[ 2671.244205]  generic_file_splice_read+0x3fa/0x6d0
[ 2671.249059]  ? add_to_pipe+0x360/0x360
[ 2671.252968]  ? security_file_permission+0x84/0x220
[ 2671.257923]  ? add_to_pipe+0x360/0x360
[ 2671.261824]  do_splice_to+0x10e/0x160
[ 2671.265636]  splice_direct_to_actor+0x2b9/0x8d0
[ 2671.270314]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2671.275173]  ? do_splice_to+0x160/0x160
[ 2671.279169]  do_splice_direct+0x1a8/0x270
[ 2671.283328]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2671.288195]  ? security_file_permission+0x84/0x220
[ 2671.293141]  do_sendfile+0x549/0xc10
[ 2671.296877]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2671.301468]  ? wait_for_completion+0x3c0/0x3c0
[ 2671.306060]  ? vfs_write+0x15b/0x550
[ 2671.309787]  __x64_sys_sendfile64+0x1cc/0x210
[ 2671.314299]  ? __ia32_sys_sendfile+0x220/0x220
[ 2671.318889]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2671.323919]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2671.328690]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2671.333721]  ? do_syscall_64+0x21/0x620
[ 2671.337717]  do_syscall_64+0xf9/0x620
[ 2671.341542]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2671.346751] RIP: 0033:0x45c829
[ 2671.349954] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2671.368867] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2671.376588] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2671.383865] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2671.391230] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2671.398520] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
[ 2671.405807] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
[ 2671.413123] CPU: 1 PID: 26562 Comm: syz-executor.1 Not tainted 4.19.120-syzkaller #0
[ 2671.421054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2671.430434] Call Trace:
[ 2671.433049]  dump_stack+0x188/0x20d
[ 2671.436716]  should_fail.cold+0xa/0x1b
[ 2671.440635]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2671.445778]  __should_failslab+0x115/0x180
[ 2671.450039]  should_failslab+0x5/0xf
[ 2671.453771]  kmem_cache_alloc+0x29f/0x710
[ 2671.457939]  ? lock_downgrade+0x740/0x740
[ 2671.462124]  ? vfs_write+0x2e6/0x550
[ 2671.465883]  ? cap_capable+0x1eb/0x250
[ 2671.469793]  getname_flags+0xd2/0x5b0
[ 2671.473603]  ? security_capable+0x8e/0xc0
[ 2671.477780]  user_path_mountpoint_at+0x23/0x40
[ 2671.482389]  ksys_umount+0x14c/0xd90
[ 2671.486236]  ? vfs_write+0x15b/0x550
[ 2671.489971]  ? __detach_mounts+0x320/0x320
[ 2671.494225]  ? ksys_write+0x1c8/0x2a0
[ 2671.498041]  ? __ia32_sys_read+0xb0/0xb0
[ 2671.502120]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2671.507265]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2671.512040]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2671.517064]  __x64_sys_umount+0x50/0x70
[ 2671.521037]  do_syscall_64+0xf9/0x620
[ 2671.524839]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2671.530049] RIP: 0033:0x45c829
[ 2671.533256] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2671.552171] RSP: 002b:00007fadf18a4c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 2671.559903] RAX: ffffffffffffffda RBX: 0000000000509dc0 RCX: 000000000045c829
[ 2671.567192] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000500
[ 2671.574485] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 2671.581754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 2671.589022] R13: 0000000000000c48 R14: 00000000004ce78c R15: 00007fadf18a56d4
[ 2671.683849] Process accounting resumed
[ 2671.725730] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2671.736611] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2671.772178] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2671.793909] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:34 executing program 1 (fault-call:3 fault-nth:1):
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2672.862858] audit: type=1800 audit(1588638874.734:263): pid=26583 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17518 res=0
[ 2672.897269] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2672.911615] FAULT_INJECTION: forcing a failure.
[ 2672.911615] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2672.923573] CPU: 1 PID: 26583 Comm: syz-executor.1 Not tainted 4.19.120-syzkaller #0
[ 2672.931483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2672.941429] Call Trace:
[ 2672.944331]  dump_stack+0x188/0x20d
[ 2672.948033]  should_fail.cold+0xa/0x1b
[ 2672.952435]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2672.957712]  ? mark_held_locks+0xf0/0xf0
[ 2672.961793]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2672.966603]  ? avc_has_extended_perms+0x1030/0x1030
[ 2672.972035]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2672.977081]  ? fs_reclaim_acquire+0x10/0x10
[ 2672.981418]  ? should_fail+0x142/0x7bc
[ 2672.985408]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2672.990883]  cache_grow_begin+0x8e/0x8a0
[ 2672.995199]  kmem_cache_alloc+0x648/0x710
[ 2672.999481]  ? vfs_write+0x2e6/0x550
[ 2673.003204]  ? cap_capable+0x1eb/0x250
[ 2673.007101]  getname_flags+0xd2/0x5b0
[ 2673.010974]  ? security_capable+0x8e/0xc0
[ 2673.015403]  user_path_mountpoint_at+0x23/0x40
[ 2673.020143]  ksys_umount+0x14c/0xd90
[ 2673.023879]  ? vfs_write+0x15b/0x550
[ 2673.028075]  ? __detach_mounts+0x320/0x320
[ 2673.032373]  ? ksys_write+0x1c8/0x2a0
[ 2673.036225]  ? __ia32_sys_read+0xb0/0xb0
[ 2673.040295]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2673.045410]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2673.050590]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2673.055797]  __x64_sys_umount+0x50/0x70
[ 2673.059827]  do_syscall_64+0xf9/0x620
[ 2673.063868]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2673.069867] RIP: 0033:0x45c829
[ 2673.073201] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2673.093324] RSP: 002b:00007fadf18c5c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 2673.101175] RAX: ffffffffffffffda RBX: 0000000000509dc0 RCX: 000000000045c829
[ 2673.108500] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000500
[ 2673.115779] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2673.123087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 2673.130476] R13: 0000000000000c48 R14: 00000000004ce78c R15: 00007fadf18c66d4
[ 2673.200332] Process accounting resumed
00:34:35 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x72, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:35 executing program 0 (fault-call:7 fault-nth:8):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:35 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x2000)

00:34:35 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c230000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:35 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
sendto$inet(0xffffffffffffffff, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
r0 = gettid()
ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f0000000080)=r0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f000099e000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r1, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
pipe(&(0x7f0000000000))
ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f0000000080))
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000140)={{0x3, 0x0, 0x0, 0x0, 0x0, 0x80, 0x1}, 0x8, 0x101, 0x7, 0x2, r0, 0x0, 0x61})
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r2, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r2, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x8, 0x0, @time, {0x2}, {}, @raw32={[0x8, 0x0, 0x1]}}], 0x1c)
ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r2, 0x0, 0x0)

00:34:35 executing program 1 (fault-call:3 fault-nth:2):
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2673.395688] audit: type=1800 audit(1588638875.264:264): pid=26600 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17529 res=0
[ 2673.430177] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2673.431275] FAULT_INJECTION: forcing a failure.
[ 2673.431275] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2673.443764] audit: type=1804 audit(1588638875.294:265): pid=26598 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1372/bus" dev="sda1" ino=17527 res=1
[ 2673.469859] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2673.481273] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2673.494847] CPU: 1 PID: 26598 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2673.503217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2673.512822] Call Trace:
[ 2673.515458]  dump_stack+0x188/0x20d
[ 2673.519132]  should_fail.cold+0xa/0x1b
[ 2673.523067]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2673.528456]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2673.533352]  ? __alloc_pages_slowpath+0x26a0/0x26a0
[ 2673.538678]  ? find_held_lock+0x2d/0x110
[ 2673.543243]  ? __do_page_cache_readahead+0x3a8/0x6b0
[ 2673.548398]  alloc_pages_current+0xff/0x200
[ 2673.552893]  __page_cache_alloc+0x2ba/0x450
[ 2673.557501]  __do_page_cache_readahead+0x1ac/0x6b0
[ 2673.562629]  ? read_pages+0x610/0x610
[ 2673.564625] ptrace attach of "/root/syz-executor.3"[26614] was attempted by "/root/syz-executor.3"[26615]
[ 2673.566459]  ? check_preemption_disabled+0x41/0x280
[ 2673.566481]  ondemand_readahead+0x54d/0xcf0
[ 2673.566502]  page_cache_sync_readahead+0x27b/0x520
[ 2673.566520]  generic_file_read_iter+0x185b/0x2900
[ 2673.596113]  ? kasan_kmalloc+0xbf/0xe0
[ 2673.600221]  ? splice_direct_to_actor+0x6df/0x8d0
[ 2673.604921] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2673.605197]  ? do_splice_direct+0x1a8/0x270
[ 2673.605222]  ? filemap_range_has_page+0x360/0x360
[ 2673.605240]  ? mark_held_locks+0xf0/0xf0
[ 2673.628987]  ? check_preemption_disabled+0x41/0x280
[ 2673.630754] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2673.634055]  ? avc_has_perm+0x384/0x5b0
[ 2673.634080]  ext4_file_read_iter+0x17b/0x3a0
[ 2673.634098]  generic_file_splice_read+0x3fa/0x6d0
[ 2673.634122]  ? add_to_pipe+0x360/0x360
[ 2673.660094]  ? security_file_permission+0x84/0x220
[ 2673.665382]  ? add_to_pipe+0x360/0x360
[ 2673.669302]  do_splice_to+0x10e/0x160
[ 2673.673136]  splice_direct_to_actor+0x2b9/0x8d0
[ 2673.678014]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2673.682903]  ? do_splice_to+0x160/0x160
[ 2673.686922]  do_splice_direct+0x1a8/0x270
[ 2673.691532]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2673.697384]  ? security_file_permission+0x84/0x220
[ 2673.702502]  do_sendfile+0x549/0xc10
[ 2673.706283]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2673.711196]  ? wait_for_completion+0x3c0/0x3c0
[ 2673.716219]  ? vfs_write+0x15b/0x550
[ 2673.720157]  __x64_sys_sendfile64+0x1cc/0x210
[ 2673.725023]  ? __ia32_sys_sendfile+0x220/0x220
[ 2673.729725]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2673.734775]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2673.739660]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2673.744713]  ? do_syscall_64+0x21/0x620
[ 2673.748727]  do_syscall_64+0xf9/0x620
[ 2673.752687]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2673.758617] RIP: 0033:0x45c829
[ 2673.760192] audit: type=1804 audit(1588638875.364:266): pid=26613 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir147527572/syzkaller.fWXSDR/1338/file0" dev="sda1" ino=17529 res=1
[ 2673.761896] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2673.761905] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2673.761919] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2673.761927] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2673.761935] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2673.761943] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
00:34:35 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x3f00)

00:34:35 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c2c0000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2673.761957] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
[ 2673.885239] FAULT_INJECTION: forcing a failure.
[ 2673.885239] name failslab, interval 1, probability 0, space 0, times 0
[ 2673.918896] CPU: 0 PID: 26600 Comm: syz-executor.1 Not tainted 4.19.120-syzkaller #0
[ 2673.927189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2673.936838] Call Trace:
[ 2673.939465]  dump_stack+0x188/0x20d
[ 2673.943124]  should_fail.cold+0xa/0x1b
[ 2673.947050]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2673.952445]  __should_failslab+0x115/0x180
[ 2673.956979]  should_failslab+0x5/0xf
[ 2673.960724]  kmem_cache_alloc+0x44/0x710
[ 2673.965367]  ? mempool_alloc+0x340/0x340
[ 2673.969571]  mempool_alloc+0x148/0x340
[ 2673.973669]  ? mempool_destroy+0x30/0x30
[ 2673.978207]  ? sb_mark_inode_writeback+0xc8/0x490
[ 2673.983553]  ? find_held_lock+0x2d/0x110
[ 2673.987826]  ? __unlock_page_memcg+0x4f/0x100
[ 2673.992755]  bio_alloc_bioset+0x398/0x610
[ 2673.997056]  ? bvec_alloc+0x2f0/0x2f0
[ 2674.000898]  submit_bh_wbc+0x141/0x760
[ 2674.005004]  __block_write_full_page+0x77a/0x10f0
[ 2674.009879]  ? check_disk_change+0x130/0x130
[ 2674.014410]  block_write_full_page+0x21a/0x270
[ 2674.019381]  ? check_disk_change+0x130/0x130
[ 2674.023820]  __writepage+0x5e/0xe0
[ 2674.027797]  write_cache_pages+0x82d/0x1450
[ 2674.032325]  ? tag_pages_for_writeback+0x2f0/0x2f0
[ 2674.037400]  ? clear_page_dirty_for_io+0xfe0/0xfe0
[ 2674.042766]  ? mark_held_locks+0xf0/0xf0
[ 2674.046948]  ? __lock_acquire+0x6ee/0x49c0
[ 2674.051212]  ? find_held_lock+0x2d/0x110
[ 2674.055521]  ? prepare_to_wait_event+0x145/0x6e0
[ 2674.060527]  generic_writepages+0xe6/0x160
[ 2674.064953]  ? write_cache_pages+0x1450/0x1450
[ 2674.069581]  ? blkdev_readpages+0x30/0x30
[ 2674.074423]  do_writepages+0xf3/0x2a0
[ 2674.078255]  ? page_writeback_cpu_online+0x10/0x10
[ 2674.083211]  ? lock_acquire+0x170/0x400
[ 2674.087223]  ? do_raw_spin_unlock+0x171/0x260
[ 2674.091786]  ? _raw_spin_unlock+0x29/0x40
[ 2674.096409]  __filemap_fdatawrite_range+0x27d/0x350
[ 2674.102738]  ? delete_from_page_cache_batch+0xd00/0xd00
[ 2674.108155]  ? get_nr_dirty_inodes+0xd6/0x130
[ 2674.112679]  __sync_blockdev+0x91/0xd0
[ 2674.116639]  sync_filesystem+0x13a/0x250
[ 2674.120906]  generic_shutdown_super+0x70/0x370
[ 2674.125701]  kill_block_super+0x97/0xf0
[ 2674.129793]  deactivate_locked_super+0x8c/0xf0
[ 2674.134554]  deactivate_super+0x18d/0x1b0
[ 2674.138741]  ? mount_ns+0x1d0/0x1d0
[ 2674.142583]  ? dput+0x31/0x650
[ 2674.146066]  cleanup_mnt+0xb8/0x150
[ 2674.149974]  task_work_run+0x13f/0x1b0
[ 2674.154055]  exit_to_usermode_loop+0x25a/0x2b0
[ 2674.158806]  do_syscall_64+0x538/0x620
[ 2674.162868]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2674.168168] RIP: 0033:0x45c829
[ 2674.171555] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2674.190783] RSP: 002b:00007fadf18c5c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 2674.198518] RAX: 0000000000000000 RBX: 0000000000509dc0 RCX: 000000000045c829
[ 2674.205945] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000500
[ 2674.213292] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 2674.220639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 2674.228225] R13: 0000000000000c48 R14: 00000000004ce78c R15: 00007fadf18c66d4
00:34:36 executing program 0 (fault-call:7 fault-nth:9):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

00:34:36 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x4e04)

[ 2674.360621] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2674.371135] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2674.390317] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2674.406889] audit: type=1804 audit(1588638876.274:267): pid=26637 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1373/bus" dev="sda1" ino=17524 res=1
[ 2674.434940] FAULT_INJECTION: forcing a failure.
[ 2674.434940] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2674.438938] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2674.469964] CPU: 0 PID: 26637 Comm: syz-executor.0 Not tainted 4.19.120-syzkaller #0
[ 2674.470049] Process accounting resumed
[ 2674.478106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2674.478114] Call Trace:
[ 2674.478141]  dump_stack+0x188/0x20d
[ 2674.478165]  should_fail.cold+0xa/0x1b
[ 2674.478187]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 2674.507007]  __alloc_pages_nodemask+0x1c7/0x6a0
[ 2674.511803]  ? __alloc_pages_slowpath+0x26a0/0x26a0
00:34:36 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c2d0000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2674.516863]  ? find_held_lock+0x2d/0x110
[ 2674.520958]  ? __do_page_cache_readahead+0x3a8/0x6b0
[ 2674.526174]  alloc_pages_current+0xff/0x200
[ 2674.530537]  __page_cache_alloc+0x2ba/0x450
[ 2674.534892]  __do_page_cache_readahead+0x1ac/0x6b0
[ 2674.540566]  ? read_pages+0x610/0x610
[ 2674.544409]  ? check_preemption_disabled+0x41/0x280
[ 2674.549641]  ondemand_readahead+0x54d/0xcf0
[ 2674.554330]  page_cache_sync_readahead+0x27b/0x520
[ 2674.559506]  generic_file_read_iter+0x185b/0x2900
[ 2674.564567]  ? kasan_kmalloc+0xbf/0xe0
[ 2674.568495]  ? splice_direct_to_actor+0x6df/0x8d0
[ 2674.573532]  ? do_splice_direct+0x1a8/0x270
[ 2674.577898]  ? filemap_range_has_page+0x360/0x360
[ 2674.582864]  ? mark_held_locks+0xf0/0xf0
[ 2674.586964]  ? check_preemption_disabled+0x41/0x280
[ 2674.592072]  ? avc_has_perm+0x384/0x5b0
[ 2674.596178]  ext4_file_read_iter+0x17b/0x3a0
[ 2674.600731]  generic_file_splice_read+0x3fa/0x6d0
[ 2674.606832]  ? add_to_pipe+0x360/0x360
[ 2674.611014]  ? security_file_permission+0x84/0x220
[ 2674.616146]  ? add_to_pipe+0x360/0x360
[ 2674.621023]  do_splice_to+0x10e/0x160
[ 2674.625056]  splice_direct_to_actor+0x2b9/0x8d0
[ 2674.630021]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 2674.634899]  ? do_splice_to+0x160/0x160
[ 2674.638920]  do_splice_direct+0x1a8/0x270
[ 2674.643400]  ? splice_direct_to_actor+0x8d0/0x8d0
[ 2674.648463]  ? security_file_permission+0x84/0x220
[ 2674.653442]  do_sendfile+0x549/0xc10
[ 2674.657733]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 2674.662484]  ? wait_for_completion+0x3c0/0x3c0
[ 2674.667199]  ? vfs_write+0x15b/0x550
[ 2674.671103]  __x64_sys_sendfile64+0x1cc/0x210
[ 2674.676143]  ? __ia32_sys_sendfile+0x220/0x220
[ 2674.680739]  ? __ia32_sys_clock_settime+0x260/0x260
[ 2674.686190]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2674.691095]  ? trace_hardirqs_off_caller+0x55/0x210
[ 2674.696729]  ? do_syscall_64+0x21/0x620
[ 2674.700911]  do_syscall_64+0xf9/0x620
[ 2674.704738]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2674.710280] RIP: 0033:0x45c829
[ 2674.713504] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2674.734274] RSP: 002b:00007f328c6c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2674.742370] RAX: ffffffffffffffda RBX: 00000000004fc2c0 RCX: 000000000045c829
[ 2674.750215] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 2674.757692] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
00:34:36 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x0)

[ 2674.765560] R10: 00000ffffffff010 R11: 0000000000000246 R12: 0000000000000006
[ 2674.773414] R13: 00000000000008dc R14: 00000000004cb816 R15: 00007f328c6c16d4
[ 2674.828767] audit: type=1800 audit(1588638876.694:268): pid=26644 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17520 res=0
[ 2674.878528] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2674.924664] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2674.947980] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2674.958950] Process accounting resumed
[ 2674.986834] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2675.022777] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:38 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x72, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:38 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
sysfs$2(0x2, 0x1, &(0x7f0000000200)=""/193)
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:38 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xf0ff)

00:34:38 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x2)

00:34:38 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c480000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:38 executing program 0 (fault-call:7 fault-nth:10):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2676.450877] audit: type=1800 audit(1588638878.324:269): pid=26670 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17543 res=0
[ 2676.486310] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2676.494574] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2676.530012] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:34:38 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xff7f)

00:34:38 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff010)

[ 2676.574322] audit: type=1804 audit(1588638878.384:270): pid=26672 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1374/bus" dev="sda1" ino=17548 res=1
[ 2676.593232] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2676.629819] Process accounting resumed
00:34:38 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x3)

[ 2676.686643] Process accounting resumed
[ 2676.702281] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:38 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xffffff)

00:34:38 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c4c0000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2676.831068] audit: type=1804 audit(1588638878.704:271): pid=26699 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1375/bus" dev="sda1" ino=17541 res=1
[ 2676.876930] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2676.911553] audit: type=1800 audit(1588638878.704:272): pid=26705 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=17548 res=0
00:34:38 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff002)

[ 2676.960142] Process accounting resumed
[ 2677.014745] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2677.061555] Process accounting resumed
[ 2677.081226] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2677.108937] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2677.121164] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2677.149110] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:41 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x72, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:41 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
r1 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='batadv0\x00', 0x10)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000140))
tkill(r0, 0x3e)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:41 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c600000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:41 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x7ffff000)

00:34:41 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x4)

00:34:41 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff003)

[ 2679.456724] kauditd_printk_skb: 1 callbacks suppressed
[ 2679.456736] audit: type=1800 audit(1588638881.324:274): pid=26738 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16147 res=0
[ 2679.503342] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2679.517893] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2679.554325] Process accounting resumed
[ 2679.572689] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
00:34:41 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xffffff00)

00:34:41 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x5)

[ 2679.590504] audit: type=1804 audit(1588638881.364:275): pid=26739 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1377/bus" dev="sda1" ino=16306 res=1
[ 2679.624785] Process accounting resumed
[ 2679.644668] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:34:41 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff004)

[ 2679.720291] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:41 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c680000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2679.801248] audit: type=1800 audit(1588638881.674:276): pid=26772 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16182 res=0
[ 2679.840814] MINIX-fs: mounting unchecked file system, running fsck is recommended
00:34:41 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0xffff88821b301400)

[ 2679.855949] Process accounting resumed
[ 2679.885578] Process accounting resumed
00:34:41 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x6)

[ 2679.906013] audit: type=1804 audit(1588638881.754:277): pid=26773 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1378/bus" dev="sda1" ino=16061 res=1
[ 2679.952005] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2679.975382] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2679.999717] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2680.031623] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2680.056944] audit: type=1800 audit(1588638881.924:278): pid=26792 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16113 res=0
[ 2680.119850] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2680.140508] Process accounting resumed
[ 2680.194710] Process accounting resumed
00:34:44 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c6c0000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:44 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x7)

00:34:44 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xab, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:44 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10)
splice(r1, 0x0, r2, 0x0, 0x1ffeb, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000000)='gtp\x00')
sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)={0x34, r4, 0xc694d42685586125, 0x0, 0x0, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @GTPA_LINK={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x58, r4, 0x1200, 0x70bd2b, 0x25dfdbfb, {}, [@GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_TID={0xc, 0x3, 0x1}, @GTPA_O_TEI={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010101}]}, 0x58}}, 0x4004881)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0)='TIPCv2\x00')
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x14, r9, 0x1707, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)
sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000880)={0x2ac, r9, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7f}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffff8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3ff}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x60000000}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffff8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x80}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1f56}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1ff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x722}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x73}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}]}, @TIPC_NLA_SOCK={0x90, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x84, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x91c7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7ff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6fd}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff9de2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffc}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x400}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xe72d}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffe}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}]}, @TIPC_NLA_NET={0x5c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x38cc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffffffffffc0}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x172678b3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7bac4d4a}]}, @TIPC_NLA_LINK={0x34, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MEDIA={0x78, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x2ac}, 0x1, 0x0, 0x0, 0x40000}, 0x240400c1)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000280)='bond_slave_1\x00')
sendfile(r0, r7, 0x0, 0x400)

00:34:44 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff005)

00:34:44 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10)
splice(r1, 0x0, r2, 0x0, 0x80000200001ff, 0x6)
ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f0000000200)={0x3, @raw_data="182d8741ff5267a2a285b6a1fb83a977668d8399158884780f919fce76b67f818b1f20e1a48d93f8972b4e6dcfdcc4384dc4572a24394052491dd00f15eea05409e772c0848cc7a102422d7ce73a2c4495d30efbf643f09e9958c482374f018d9a56ebbbd3af38127b3f67f89ef2667d0fc4ca8bba302dea1fe8b800a77571bc8c7bd7ab5a5cecb6d8905ec814af5fadd55250794325053d15dca28b62b78f59c4c68eff87f844563dfb15b2eea629812caac4da2748fafb0aa0cfbd3b91189c0d169e6e82ee45f8"})
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[ 2682.476489] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2682.493510] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2682.510739] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2682.584244] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2682.600326] audit: type=1800 audit(1588638884.474:279): pid=26815 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16469 res=0
[ 2682.638330] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2682.656178] audit: type=1804 audit(1588638884.474:280): pid=26817 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1379/bus" dev="sda1" ino=16467 res=1
00:34:44 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c740000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2682.693186] Process accounting resumed
00:34:44 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0xb)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

00:34:44 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x8)

[ 2682.764871] Process accounting resumed
00:34:44 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff006)

00:34:44 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
pipe2(&(0x7f0000000100), 0x85800)
sendmsg$nl_generic(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x2e, 0x100, 0x70bd27, 0x25dfdbfd, {0x1a}, [@typed={0x4, 0x56}]}, 0x18}, 0x1, 0x0, 0x0, 0x8011}, 0x8000)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2682.876984] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2682.903044] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2682.928351] audit: type=1800 audit(1588638884.794:281): pid=26845 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16399 res=0
[ 2682.938276] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2682.960956] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2683.016638] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2683.023600] audit: type=1804 audit(1588638884.854:282): pid=26846 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1380/bus" dev="sda1" ino=16418 res=1
[ 2683.080815] Process accounting resumed
00:34:45 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff007)

00:34:45 executing program 2:
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write$binfmt_misc(r0, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
ioctl$KVM_S390_UCAS_UNMAP(r0, 0x4018ae51, &(0x7f0000000000)={0x6, 0x7, 0x6})
r1 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r1, r4, 0x0, 0x400)

00:34:45 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c7a0000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2683.167299] Process accounting resumed
[ 2683.218305] audit: type=1804 audit(1588638885.084:283): pid=26863 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1381/bus" dev="sda1" ino=16425 res=1
[ 2683.288413] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2683.303869] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2683.316752] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2683.338899] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
00:34:47 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xab, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:47 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x9)

00:34:47 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff008)

00:34:47 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:47 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000300000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

00:34:47 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
setreuid(0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$chown(0x4, r3, 0x0, 0x0)
syz_mount_image$jfs(&(0x7f00000001c0)='jfs\x00', &(0x7f0000000200)='./bus\x00', 0x6, 0x5, &(0x7f0000002440)=[{&(0x7f0000000240)="01672d4b14911985c0147601da0a04d2da9f4cecc46a540de639fe302fef9932e174e04983e4b7f086d0a62d8aa3f90529eb4c63f1dda7b2dc3f91a2248d28f5c179bea4cf81151b616caf89a7d802a16fbb2deabcc3bd762140233265", 0x5d, 0xffffffffffff4e72}, {&(0x7f00000002c0)="470c79323ffd533d73f6a28777e8a31f7f7361aa5ff0df8df5e212bf1f07f05e9b78ccae51d1a8e2ef22f82a2790b73e4cf0d038f8c16ef0ac66435aae5bbe81f4989a2b4eacd50af5177bcf1458f526eb593274d227b8f2e086659892531a2809f24a99790669b99f0a50d06202d585ebc4d1652dda806f0414028a236bc8859cba7c7185a1907732efa65904b6a02a73d8e28f74bdb3065acb19751bac1327d3ecebc434dc9753bd49b36aa1e41728c3309f8b322ad3fd8ce0c9b6b2e4be3bad3bcbf3dab2a3566bc74b45f3773e9f1cc55edcc69e8f52158687cf30e3ced3ad0c277bcda3433e0b03a8252af5b95fdc3a6529b9e9b6ca6847890043c0883d2fc138deea0c08ec35837eb9692917c39ce86c4935e4887abca771688399714c7a1faac063ac0c2fb93b76e8c38b339a89301e9e35bb7791e8490dda3a0f0e79c5154326d0b1da8ac3f9a860b0297173f8e1552e0bfaf8ef5475dd0a41685df2520835209e48ef3231a2c059e1e2a0ce36ae3a837044bf231e0e23519f71c56c8e79b6aa5309fae12a35eb2da6ba856c14e6c3c6125b377dc7590c1b7412a74687639128bc205e69c892231061328b7e16112b987e47b69287d35ca0da308f1300bfd613d390aefb4fd530c9cc93474174e9787b41aba3f4e266d860edb6d9b1b4edd3a2f82f495d8478e7a3f0d05b2d14c71a17dd2aa4ab6c57173a3eafb6ced5dd146f2d8cc45617540cf35451a6c13c5ff127781dee7dcc7e0763705ab0e86ac97210423b0e74c61f984e0f3575b1de1d4437e8586d85ed5d0af7fddfec9f4913d7f7a0d72b33bfd305d097b1304f9df77b44a91d3056df8b056b7b3777b9807213942b5e386be6f6fd54f2e487dc66b4b294107dd5e4154461e060d1413c46035d8b541827ae4517394ae256af125c5fb2ae6cc2faa7486d909988643c7a04af111272e7662d95432820746938939fb9d8644f75133eef2e2bb6637b5b947061aaa49fe800569cd8a3bea2afb67bd8d22404ed5300b310515f54359519e3fcf15bfd1cd223d5e389bfdc168ee04d89967d475fab35a4289ded024f04f72f19008b4ef4747e61f41fc2b81f55d77aff7568469a01895037e10bbfd7138c53fd0753ccda1b73594417c3fadaaef9ccaec8a639aed28d23fb4eefc931dd0923bd069912da2b977989968234edb73ec9d9ae3c90e057a1937b48d4499120ee6010d5d66651b10965da5e446f9592fb13a2ecbb4978b4d9f513575f80ed643102fc107416401dad8f208c2c256b936bca6c65a19247ccaa0ff753f2735af1d075279f85825f474cbda0f1cd41c3fad8345b5add1d0c6ad7bba3724e6a88d15c8a9bd5da76ad3ea845e0af870d99044a9243abe41ae95e0c1f64c0294230681b45f58e7d780de8352ae8fc7f050fbb012ecac0b76e585450eb2ef0a434eebed468b11bbe3a68bd14fe374cad4e35db820e4045980a96ab06063550c09ce9ae68d839d6883cd748fdd92567abd8521e55013d758295777d1055bf1c78b1b0b45fadba816a9e68f82f119be3f1e0998d0b1eead81d763d7fd604d0a0d1c1e4a48614a6ee1e6a1ca5adb9e8873b299a37e22ac001fc4e833f2fd6e4e1c1b4c9457a65dd14fcfe8587299f15aca56eb663160f2040485d6eaea39aec2a842a045832b5de445c416972ff69e2fd248a248a406d6da2e42ea0909e2c48a55c49793bb458a66fee097c45d6bdb1a0c6414f10aec33f4e69ebf48223bd894290e8dfda419095a0363832100d51379d0a0c98df7a78a4a73ce93a078f7d987996086a4c3506dddcd22a56bf82e52e5710189d27527422897f0eaf7bfb042d630211ca906ff36feae938f29701a3ded80f624b9f2a40aa5edb758fd7fb0e2b85bce06d6c0251f398729f689b52f4df7ff98e3f9101e84437c9ca499e9c58ae89e541e491bd251e752712eabbe1ca239259f016bb1e85890f35b86ca6f5e49af346123c278bdf3214ced66af69973eda7db9b62c212292e834eabd012aa25ee0576d74cbf86d315b953228806282c316f5f72e243210c631ad53d980b067ab1b746b5aa13eb5142430935e0aaf6788a8d14f2dc744f564562b867bd553ae9141021b4a58012abd4b464aa09a1124449b667fb7b4ba4aef536337e04dc1f05a5291164fe6854a2172a299c3187c52f6e65ba590342809160bbf9df942d7a25587cc299eafab1ed49fd002c4d57c1dcb4b5709b151422b39e5304d297feb66663081a40cb67e41fce27d7e85dc402e40aaa8bcc9b6f9acd12ab07caf4b88681e483b3e74d14fab303037131885e9cd4a45cd81a1c66a0fd6ab77fbdbdf1c1161be32f429f7f94585c114b0c00697f1b4c45cb99319129c854b4aa46547a4c599065598c4fc170ccaa9822b7a3ff244608e0e5106558de70ab332f90a15f0af8cd023144166857c8fa8185f2e246c5ee02ede0e1ed8c3eab533f928c750f80da594c41dd3856da2c6b41603eeee7f55095ba7fd717bb8f33eb1c11d359ac3cff6fcee16c54ae0082f352789df104460202cab336ef3ed6c245fb59ca2dcfb40ed4cbaf3395b79a27004fc476246beb2cc51ebd11a999bef13bb3e8f5af71154a1e449d4f7557a5b753d58c37e3a450ee046e15b31f45df88c60b1112f0ec419a5da0b3f518d17577a9e4d55d8a769eb5d9f49c510e9f881c3d821120ad8463c937a76da2ab8c5910e754ef7255bf95a0ee2b467ae1c9c03eb73787dae3fc77aaa00926380533e31c61c65412e1a66e2bd989f4991e51aab40374636c554058d2cfed21caa1227dfce6d3451a4b822a2e8b26f247ff35eee0d72f39f198d82a5fe148001c08786c70bf2116fc830f836e8235e8a4a04a8008b0b9ec3050990ce3550c92cb969e8fa4ec3e3f9ad981d96d6ece40c3af76ba639dc88f11a9f87ef8b9497f5e4ada9018054e313a7423473f9be9bd8ba8e40edf89b9b782cb5f55003de6d36391bc4492a5a05ef196c1b55f008640189a1a059bee8753911403a9f61715d3131c74e7f6b3f0a8429ab51caf0017fab6379962d633a3c36a8b059cf6329b8e874cc08dd2193daf5f786e60177fa74283b7cd3ff764ec2786710c25f9a8096b11e2c5e98f668f1fe59fe6e181552bd5c2a79f01f5c7689149cb672752af8d7142ad1804adb774a6ebcaf214fd2ea7083e304220e8b36591020c0d984611ba6891c7948e4af2223b3a5a18f376a5ade131ae3141c02469676a76d06814d4dbc1376611162aa1d270903074df14c43b1cf824750f3ad81bcee0f9e47aa66fa012562c063eb4e523bb72576ee681e5992a6dea8886e35898dba74af5fda18cddc7f5e282117921eaf7a569c0afebbbbcbeeb1f20f030aeb673b79ed3c0242de1f294c69b9df9ee672445955b05acc0cb4cc252f2362cf20cbbd5114fc3f17baf4b8f6ed2c06225f719e8d576326115f0ac38210ab2c98502325ed08eb97f5c1cf7b8da5d8593ccf0240a2bc1fa2967bebc8b56c14eb09a77a110d1e1803e220820ee931d17aada9cc61cc06a1d00474cde80e136344130c99553702ebc4ca49c4ab4ca8a53083da3d8e6c1a1ad877157354a5b87d245817afd1f37d2c2937fcbe6e665914da386797c4811e5fc429ec974e08910c61a9f043fc6d08947af02e505be1ba171f50e1d361a63231205cd62e8128c1ae716e41f15544a81cec8c9e5b633e657f846046e945eb7cd637fd674816740628ac1330e1a483f75a405f74d885589afc5dc6fed504c3877402ff36da5a10b81ff3bc27d78cd3d1453bff64029969de20b3c7b244630f9598e5fda383af3747cb14a1bdc7ae5482b766f48e8543df5659d5769e3f3c92086edba069c3492d3e0f9741a2081390dd5b8113f3ad1d9003eb801a143b93cc6ee9180561dbf5887f5f34a4e9d0751215c604f9bd5d42b416f084e7fdf290ec2d0453bf3e71f02810982b7f5642a49f2e79a5690dd69170f441738d5a15f9d05185417bf558d8e866686150c18c247b03937abcf0f0b21f88ebd7d8f45f00ab8e58676560b2336003b8a255a9f204227fc6923c036f3afa61a65da391f5a706c3df87376ab17646427171db06cd90b2e20e1375b98ace778568d2c94a49e4bbc1e8968401346acca98ea9df83ece4a30b31db0cf06c4d2a84a35e45f7df0d03c2495385921ad141e23c663d556cb9025f6fb1b3ca12e1c7585f6d3341382e3a6f717312c06d4745de5954b0ddc9b919de0aa1a9cf831fb2d71d9e7db3e651794138278dd8cfc23cc366baa0e5c19cb8b8adf0c30a2ad2d2a485719426786ddc753bd763f480df536f3388e50b23ef99c7c50a157eba0f95f079c4fa8196f550bec1101144d69bfd95ef4b2b076b1317e86577620df4320ab9d1160b2d23482b2cd3a7ff8ae90ed582dd0ee472599603874312a12a1bfeec15343c7c83285e2e3d584db7bf6804f377960e754373f91422fd1783f5c927df5b2cb9e962cb5eaf12a627f00cf7835f83e712c31d36a6ed404cd8c4e46d1614e3b8df8ba2e58326d43b8eb12b71950ed8f601a0474d23a510aec5f1e0f54936b1769cad26ab4825e8976d18fbe096e7f004629e14f5bc1594afd0e7fb55b5d2323c105395e29d409de0f9e87419a3c7c2dac9b65540ca32be7d378b806239a06d873e6cf558c12251ae9b9456b9521aadc9373f5bc4dce083ec3065f9385035ad34ba272447c5e7f8936563e8c7e73da597cb66f2a527d2ac3fe503ce62769fe916095f56ab2771f0f07ad94df38cb169fe85ffeb92455de131cd554ccd9d25c617b4fcd70335b317daf251131a341f7430b382cf37c77c97e2c14b9e40e8f934eb23588b3d445aa964690cecdeb18e47cc7d7b65974652329d6318f0cf171c3b5bc007121dd22535a7a2497727cd29dd961e897da70802fd76679210667c06a526a9a3a5ee43e784a7d620a3674b8bb82341a37ac75e3a240c1d26a3ba682c50c2ddbcd7f9b17e0e3b33d22c66225f60dc0b94307a85a87268edfa44b134287b2120b19552448c7c0202c99661a41becc3c483c9ae6b2092035265b73870ba6a0afc78678a0f3c61f70ef0d3308e2e8f01e597e0dd6193f2aa4d24e7088ace4b34058f5d541e790ac3cdbdc380af39f693c6ef20e353e01fe1b374f410d62146db82ac78596eca99c895c1e62c10fc595efcc010c6ad0d7811f0610b12b03489493b4529c488764da7f406222a4e7ee880062ac3ae453cc010d667012ee96b6f5dc7aaaeadc26325da8cee020f9499e94a404250a82159684858cc556603d26e1a12a1b1cbd5455b3b3e26fa1559e39ca39bed279f0266d49c2bcbf9cb3696b8621cb46ec96670d05bfc1a1e3719ec136385eae37ed701bad6f0283f428b06184057be89b3a169d4012a197bd9b00d2e8cc1680eb907652b41f3e3cedfa855928970eb2f11d443b80f2c4e464e2060cedc99017e23afa3ec32eefa569912b06aaf558b7a8e2dff74ec82c13e9ad05d9914fa5ac01796dce6425f4e2ffd310cc13500bc37f205a58ebb860a2e562b73ea7e1aee714539e2a6ca3e9f0a3651ce3113762107e6aea5a0ed85e938e25055dc54a03dea519734a632bbc27898ba3784e1ef5cd5eb20462d3afa145a8dd04369e55db33ce40bb394f33fd9bbaf256ab1ae372755966b49346a996be69975881321acd1d979486d281c86dc77d31e9ecec00c271a6bf9abdb4d99189aab597e6335ed724bb51ba90e3374fcd935534537e37a9808c5a41ca96d2077500c6c58ac26c9c56581b69ee04b933a8fe7d06533c8206", 0x1000, 0xffff}, {&(0x7f00000012c0)="b0a6b5088d42ceba28d4c084fc525cff8ae7a71339c89710b3fa1addf20150b6078f8738c664386060026906862e6c77272b34b7eb9d68fbd14a402eef90be5bfc4191dd085c8ca6a9312a7b8d1113d42af00857ee6f6827880819be9a5cb01cf8864e0d016ab670e797a915fee027ce1b3a0ab9", 0x74, 0x7}, {&(0x7f0000001340)="20873f08f5317d2b0db4bc1004039cb4027e0bfee2530bf172eec91d60c9bbea58c3ac51605dcab8eb9ae7e57ee02a3e35b34dba48e96de0ec14e66c69651ff96152c22b8f6c651f72ed4facfd56fa8b9bca1b49a377416c8dc2ad08c201e2841738b2176fc7ddf4c9f8835db303a1f1c65023985dd63eeda62bec87b813ac711da2e729d4fd9db7d18dfa5480658b9751838dd6c7281a123b295889bb518fe1c644bef4407028a8de4b9777cefe2316c84df48444deb8f00b3d414cd49a77a0a91827c52a1328fe1c84021d538b479df44d2dcdac55829ab974170f7dc3ee6daa6d51f678b631fcf6217f864a618246ddec8a0119ae238cf8035a225e52c68ff8dd2bf4107b20149b0843c942518d5b0e457b2208c842493f5dc08090255ef4a0bbdfaee4450a4999539db032b468e556fbac9cf5c57aadc923fcf863e9ca854c0e11e0496eefcaa53718c41283d96a5d8c0ee9b51b0fdd6d90e21c0ab05a5c5e4b6c61f2807c770ae29ee0d703bc1cd44b354dd1611d880fac6af8b71ab7353770e7e102f52ebf1fc1f80a1f4c997ef3e60faea705e789a3d14f6cfb3f00484c2b1416807cbf00459a017d440c0b20c5fd938c8796a57c2616f51803283feeac9a546a850ba442b378d997a4f00465a4624bcfc4a81a7c3a9f8b77827d93086d0b78a27e530a8a28fb43d1375284726afcca51815f5e4536beb88f39447b6038de3d4109a8365c525c3cba8261bbcc16274aa21b3cb0d8ff38703e9a8c92bb4a9f04d71e4a591f519bea662ac14fd982b2ceb4d9d44e623808bcc4383acd2780b3abc9957b1487af33da6ddffb93df832c35e0fc8478a868c277f0e59e2ef9f19c95031a33461c922aa1e71fa7655ddb694a4fb4fd72ee66d3fffeaa92ed14df809d95ab9b190923f692e8d8e258ede8842a2fcb6fd51ad4052d626f3f46fbd0b5119e1b0c255976f27d4dc3f5cb9c136775b88ec1e84cc3f2a2c37e2691235878140353648a6e74aa73a91ba519063ecf33b240c3f84b6da00092aa516221078b8c1fcd615feb0935f30bdd0d15e58cfae13fca996546b48084fe23c7334ab729f00ac2a9083c90ce36878d5d5a43ad2d63821fc199429994a81054f90164e43ded75b6443acc5d0156c3cae2298609786db02ca1e5139469aa6829182ff946d4a8476a0ad14483b78f0625bb80ab130bb5c578b9070c8a095639bfa58b8cbdaf20455c1d9813b1ab8cb94273fa3c3e6dbe9dcb5d7c857a52aa310c7d9c0518bb182e94be470b41038431b2137844108c1d925b2548e32c20eef5d1a367a4fbfa65749ebb3a7b52ecca40e648a9a388df9fc6b92aea92ea590e87fd1d5229e780c867380a39f32f61d37ac73b43656f8ec5e56471ed991bdea22bc3d2da517625b135a76e83170c66aa20df44d05507163a3325b4eb03bc59a1ef4bdd566111a01162bc8a99aae0b5fdc90b2fe7f9474ab578a068262e5385e63ab0cd4b07de0197e88ec3044dba732b4d01585fa6c7300db11dd1c0746be879d8415eeb9792811aeb04372b0d0ed83ae2baae8b99f6102629a6c94f07033c47c94ba01bb989514cbe6eae155a68c6c3d89a7a72a1b307513c810cf5974c21ea2746d52e44dc4244dde7257cce2164b8d4f35b561eb7e770f103e2207f14fdc8bd6c803af9f7bc56b30d70acf716068dcef16583ebd030da62f81664a23ec9ddafdf14429a401de2baf900477cbc8c412e2f637b2e9331cf7c64abf89fc72e607d0db44f23e60c2471817e7a1090adc77b0d1bbfc3d6a1557ca57d89581d3ac91a5f2540a10b19b5553f4a0e62f539a764e416796ac98658a023a5d65d9d83797cf09d5240715c4e09dc2bd79bd8c62e01dfcad389d611b3d7ac860e72edba05d69e647a66325350db127dbccaaa5ff456e55643779273c1e584697de08d93d75eaaeef842c2e61be8d3ae05e0d539c3d426a6e4c8e6ecd46c7f08f0afee11d717d29cdf56dfa07d0880bbd85299a2e5b40a705c38bd4af3717ecd381137cbcce2ec22559cf3602edafcd426a436a304ed78ec2b4e04ac81ce6c157c37006d3f4c737df1409af175377f902a154eca832022d9518008ffbbad177685c1cf66be4dabcc6893eaab5f633babb73aa34c60139085f860af039f8096c961a7307fa3991f74bfbabd3c15f337dff8db45e77aaf6308c8c880aae06e8029ddf8bb04c1a482374060ea91ed91aa5d9806be70fd40b73302c1cf3742b27acac4f27a7bf2f2d4ba1b49af87465b462f9e1ad898dae51b6eb9827d6c877590fd8078234b4e3f333cb85418a3d57d6f1e145e958b5ce38d92e7408d785ebc50fadd5866bc7373a271aec2ca7dd5622f8455aa221a5ed9703143a687ed529ad94130443a127a2712f507eebad835f7a8aada47e972ae869078bc4bad198ad4a34cdc29e07d6c508e94a5b49f516bf07d8270e5fec345dac6e61ea548ec2df6437428763738f2c9f6511e2ec24cdca3d39445a626883bb1a901eb207a5a9d62455c2acc386c09cc93cb7ff01c06b6adf043c178aebd4d95fea26090ea989e0d0a9b8136a5229759c4a5a309e66264d96fc7a69985fd32f007fd65d491b90e513da3fd5f351fee0bf40756e9cef3a8c331f5da55a041f7ff0d947ef1ea0504ebd8d087bc54a2b2390a5b10c49c32c1c7c09e5f76b1cab03356aca681da7144f922467bb1e20f074c80e0d2589cdb813be72795b61f95be533d75fb84d37e5581e83ef6436528f1fd3deb9875fad7c86517960bdaa32f69607e556c9a617bbdba61268a68dac1d1587489ba7f32c9015d83a92cb263a35292f6725c8ca173bdebf96d315ff7d6db1877a53cfd46c5f5aeb21cc7c1191decfc39528adb78b6be5b700ba57d72f26a28d4ff9ede80a83499376c00616f3d5a82b9bf19839d9ed423c26d7bc2e5ee09c112f0e3fa8260d01d9d34b1cf012843ba321525ab08a1107b50f4897600434adebc70914f7ff11c49fcf5dea1ac95327f90ed6706ec6d743f8d939c0bd443da1674cd4e3c2d00f83ccbd0accca4cf521542d324906e7ca141f19d971b7b736f336a960d9013c703ef56ba4c3a22e050bf8083a1a290de8efc06ac1a0f321287920d59bfaa0c1ad99cb08759cedb400d0c6cf76e16e1814d5862980e2f26f16e9c9c36aa843e37f82dd8768520f437a45eea5cca47f8918552586002936fd717f404a435270a76d6ed6f4f18537956af4c4aba4cc4ea9860ceefe26002d49444fef1414044b3adad66054a528fef2078fba0914a4cf70a7dd8e51496e1dfdb8de9165f74b9d5088f52a5335279862bc8d0a730952be6af571392c6aae808f3f2390c5044e8f8e444e30f959baffe3cf5f4e0a7900ba91d5362a527c1160db562c64a0fde830ca31b64824e0c4ac822d8d9b9d45e39d4cc0d02d74c0751ef3b2816bae5dd0af3d356100997371d18ae647730d06a9f4a21194093541a815a11eb45c6d66c709638a1bff1e002ba51291295268b4aaaaf1105b16d3843ae718e7a18687cbb0a49a3480df7c20ec0fad725c54942b885f582301b7354286730fc84243ebdb566237acd6d7aee1722282d2b546a002908a560f7be2c65927e7b6a53ed37e230469bb3fd7764fbbd04313df4c2545edba2bf71680f8d90b32d50c079ed855b107d15f968008212c7f984316e835c73eb152d93f388bfd692494f61434076e42edbf1db5d09305988c405f4f02b8c962cbc9eb640b5efb5120ea16964c9f37f8611b4deb68bcea588305367381c8664937b22e1c7ddd2fd10f238d2e3ebc99ccfe09aa5e9ab37881c097a33f65a2ce090e5ab034ea605930e3860638c21e7c220ea90676a163671f5c6178c907c322ddc58de0a772f538eecd6fd2c40866375c778aaa84dd0821905e77dc4a4bcec8c0d2a86eae539ab8fde8933690a905c56d3cb4df87187d6c08e4a4780bb04a7e05f4545b176d31a94fe4935afbf38ad29aa36227efca84685346ebe8977c0e4a5f912c8e80b600f732ae3f6a0da90f8ffe219d9b89e408512b1a764f41f64494fa3080f9b4cc16185a536d19c267328919af58c038162d7d82a0ba0ffae8efbc2a8197451aa4dec915b5c5849f3e16dccdbe06a4c1d46004245022f1a65055b3ecb7d1c32b79c9f6486680ce1514e7cfa1d6983b1336d112477971d01a28a1c5ec8b590f1b97b71e27125fc6c6d03ab71c888caf0e75e3ba1420c7455576cc878ceca07e4c9103df788027c7a53db8c10b1e8fcf96ffa7d5fd8b4f8d605f95bc1af9c44b7ab251d896bf423a5da5ea2c99700fddcfbeed1e3acf73797e13b60c6f61eec663904dbf042e85b32c581da1351f67ee77167b41c4e4f734745e6c4f8d35a48282f69e08a34a5fd39a1e03d9fb042b510f603231e3324ba1b6523d3b185d89c0ad31194ad7ae1a4e8195d22feb6c682dc09c6af78a8cd63fcf09073519a3f5683c2adc76a56a676f4ece5712b0843cc72c90f49aa958d9a4c0c483f486f9b51d25caad6b36f95c3a808ea616bbbe17785333aae665e0b9a7b64adc167104afc7739f344a36ec6f96142196f4a3ab991edfbe9d4f9a67619ec98f99ad82d673f0aa5d6144eafe476d91f4aec4f8a82a9be6f97b6c628dc6ab497d93f1f8cd3c9c3d741f78e511187dcc1ce962aa249422e62e2ae3a92e5281a00073f33ae42044c820081df1b0c5ac4b8c8fd81b18685577d7076d0b75975ecaff8afb66c2f00f516c4f6a0f34c7bb3cea85c8c717d0395f9b183e572b269a1f58d6c4aca362c9b4aa19201a8678ec5abc17aa77cd2d10d92a9d223f8c1615fedc03e8144fc78f9b0235badc2dd7d23359eb91e88bcbe522b0833fbd8152feeb4d08b6a3dd02cd8d3d982748e8b2d75dd044822624953ef13e1bd875bd48ae20d513a0474cb7dc34695bf549c2fa7c0ee8d3e5c5d9c4d7dd911cb6eae0ec6a7ef3ddb1763af0b3b3be87a3056fec00dce05c675b897b45c50a5185950deffdbdf7a89b8cda6b5605b0ffc3d2f35bdbb0313d45c891085fd31e8666e256f132a66de2c5ee0323bfba9d4c41f5f8f51951eac7907bc7833ebaabea1c4ec9062b2318141cb4bb96a4e68ba67fed334d4c9c73b08609f692970f09423ce55eb2380ac2a690b29b635afba163beed9965744009856044bc713288a1b843ff8e0ff6f000c8870c569390b126d9a140c53f427e0c7d48f78c2e3e9616440aafd3524c209fa978d79d0e5edbc0c9367a1d64fd0cef2703bacf3e122dbf6f7b69849a69399b1b6cdfafe542701a88f3769ffbda3402f50f0caf7a7868af50e6722002b985161dfd89cb3200f2aa17b22152503b28c6068e45b3021d44b84920fbef14bcc560d4d3510096a1006265988ef148707c540e64599442be89a09755a48c9b12269c57ae5a78587bff0758bd5351ed05543d6286718712037e57ecd6b96797cea8eb884a66ffb82d8c2bf0d51a9626a82fd1dd1cb4ef478d9e61e8190db3ee96ba3065a9534692c00b2e72275e0dcc7e54e42540b556ce498916951ced302b0584c3fcb04464f1496290cfaa04b53a4b838fd8d3af74ac1b67b883e526d8140a31f8f7e40be79b8faae570433f778e8f36a6587080a7c66de9f40f105190b77455e3b3d3a72d98f2bc46ef89f1e270e52551459329fcc0ce6d1d3cb87f9cb5eaa647eb194ec43f157a9e5a3d0459f2361370b8067955a064c185e9d54384414b78318caa6b58708f5adcdf8219beb6629d19e30b07f64f97df1c4aeb45c79f6945900455b101608717d5a5e128af08a9fafa721d882f4", 0x1000, 0x9}, {&(0x7f0000002340)="fbc5c0921eed8c1623ad5b205fae236a56874aef552d3d3e2357d37dda185e30a83d4afd86d59e720355d3e9e35bb0c698faec7e7763e3a5ba665ee9185648e4f3062ec37ba1353d90678e6c5688b15d2597ce05c546877d793bbf55cbd0e731ae05d53a79c9d9f361992971e3871287424a07de28f01ea9e7e9a88ed2265a1f1af9951dd471b1bf402c21f5db2ecb9b714f77ddb43f88028601194649adf17f1d960e5fdd841f9cd8d71e546ce7d7dbeef23f72380d2956d02c52bcea8fa00569622d5bce98f9387a48c358abc63e2a8715e2aaf454779a96aae4eba584916a417fffdb", 0xe4, 0x80000001}], 0x4001, &(0x7f0000002640)=ANY=[@ANYBLOB="71756f74612c756d61736b3d307830303030303030e980166f663038303030303030302c646973636172642c726573697a652c6e6f696e746567726974792c6769643d", @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,context=root,uid>', @ANYRESDEC=0x0, @ANYBLOB=',measure,pcr=00000000000000000031,smackfsdef=/dev/dri/card#\x00,obj_user=\'^*bdev,\x00'])
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(0x0, r5)
r6 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$chown(0x4, r6, r5, 0x0)
syz_mount_image$jfs(&(0x7f00000001c0)='jfs\x00', &(0x7f0000000200)='./bus\x00', 0x6, 0x5, &(0x7f0000002440)=[{&(0x7f0000000240)="01672d4b14911985c0147601da0a04d2da9f4cecc46a540de639fe302fef9932e174e04983e4b7f086d0a62d8aa3f90529eb4c63f1dda7b2dc3f91a2248d28f5c179bea4cf81151b616caf89a7d802a16fbb2deabcc3bd762140233265", 0x5d, 0xffffffffffff4e72}, {&(0x7f00000002c0)="470c79323ffd533d73f6a28777e8a31f7f7361aa5ff0df8df5e212bf1f07f05e9b78ccae51d1a8e2ef22f82a2790b73e4cf0d038f8c16ef0ac66435aae5bbe81f4989a2b4eacd50af5177bcf1458f526eb593274d227b8f2e086659892531a2809f24a99790669b99f0a50d06202d585ebc4d1652dda806f0414028a236bc8859cba7c7185a1907732efa65904b6a02a73d8e28f74bdb3065acb19751bac1327d3ecebc434dc9753bd49b36aa1e41728c3309f8b322ad3fd8ce0c9b6b2e4be3bad3bcbf3dab2a3566bc74b45f3773e9f1cc55edcc69e8f52158687cf30e3ced3ad0c277bcda3433e0b03a8252af5b95fdc3a6529b9e9b6ca6847890043c0883d2fc138deea0c08ec35837eb9692917c39ce86c4935e4887abca771688399714c7a1faac063ac0c2fb93b76e8c38b339a89301e9e35bb7791e8490dda3a0f0e79c5154326d0b1da8ac3f9a860b0297173f8e1552e0bfaf8ef5475dd0a41685df2520835209e48ef3231a2c059e1e2a0ce36ae3a837044bf231e0e23519f71c56c8e79b6aa5309fae12a35eb2da6ba856c14e6c3c6125b377dc7590c1b7412a74687639128bc205e69c892231061328b7e16112b987e47b69287d35ca0da308f1300bfd613d390aefb4fd530c9cc93474174e9787b41aba3f4e266d860edb6d9b1b4edd3a2f82f495d8478e7a3f0d05b2d14c71a17dd2aa4ab6c57173a3eafb6ced5dd146f2d8cc45617540cf35451a6c13c5ff127781dee7dcc7e0763705ab0e86ac97210423b0e74c61f984e0f3575b1de1d4437e8586d85ed5d0af7fddfec9f4913d7f7a0d72b33bfd305d097b1304f9df77b44a91d3056df8b056b7b3777b9807213942b5e386be6f6fd54f2e487dc66b4b294107dd5e4154461e060d1413c46035d8b541827ae4517394ae256af125c5fb2ae6cc2faa7486d909988643c7a04af111272e7662d95432820746938939fb9d8644f75133eef2e2bb6637b5b947061aaa49fe800569cd8a3bea2afb67bd8d22404ed5300b310515f54359519e3fcf15bfd1cd223d5e389bfdc168ee04d89967d475fab35a4289ded024f04f72f19008b4ef4747e61f41fc2b81f55d77aff7568469a01895037e10bbfd7138c53fd0753ccda1b73594417c3fadaaef9ccaec8a639aed28d23fb4eefc931dd0923bd069912da2b977989968234edb73ec9d9ae3c90e057a1937b48d4499120ee6010d5d66651b10965da5e446f9592fb13a2ecbb4978b4d9f513575f80ed643102fc107416401dad8f208c2c256b936bca6c65a19247ccaa0ff753f2735af1d075279f85825f474cbda0f1cd41c3fad8345b5add1d0c6ad7bba3724e6a88d15c8a9bd5da76ad3ea845e0af870d99044a9243abe41ae95e0c1f64c0294230681b45f58e7d780de8352ae8fc7f050fbb012ecac0b76e585450eb2ef0a434eebed468b11bbe3a68bd14fe374cad4e35db820e4045980a96ab06063550c09ce9ae68d839d6883cd748fdd92567abd8521e55013d758295777d1055bf1c78b1b0b45fadba816a9e68f82f119be3f1e0998d0b1eead81d763d7fd604d0a0d1c1e4a48614a6ee1e6a1ca5adb9e8873b299a37e22ac001fc4e833f2fd6e4e1c1b4c9457a65dd14fcfe8587299f15aca56eb663160f2040485d6eaea39aec2a842a045832b5de445c416972ff69e2fd248a248a406d6da2e42ea0909e2c48a55c49793bb458a66fee097c45d6bdb1a0c6414f10aec33f4e69ebf48223bd894290e8dfda419095a0363832100d51379d0a0c98df7a78a4a73ce93a078f7d987996086a4c3506dddcd22a56bf82e52e5710189d27527422897f0eaf7bfb042d630211ca906ff36feae938f29701a3ded80f624b9f2a40aa5edb758fd7fb0e2b85bce06d6c0251f398729f689b52f4df7ff98e3f9101e84437c9ca499e9c58ae89e541e491bd251e752712eabbe1ca239259f016bb1e85890f35b86ca6f5e49af346123c278bdf3214ced66af69973eda7db9b62c212292e834eabd012aa25ee0576d74cbf86d315b953228806282c316f5f72e243210c631ad53d980b067ab1b746b5aa13eb5142430935e0aaf6788a8d14f2dc744f564562b867bd553ae9141021b4a58012abd4b464aa09a1124449b667fb7b4ba4aef536337e04dc1f05a5291164fe6854a2172a299c3187c52f6e65ba590342809160bbf9df942d7a25587cc299eafab1ed49fd002c4d57c1dcb4b5709b151422b39e5304d297feb66663081a40cb67e41fce27d7e85dc402e40aaa8bcc9b6f9acd12ab07caf4b88681e483b3e74d14fab303037131885e9cd4a45cd81a1c66a0fd6ab77fbdbdf1c1161be32f429f7f94585c114b0c00697f1b4c45cb99319129c854b4aa46547a4c599065598c4fc170ccaa9822b7a3ff244608e0e5106558de70ab332f90a15f0af8cd023144166857c8fa8185f2e246c5ee02ede0e1ed8c3eab533f928c750f80da594c41dd3856da2c6b41603eeee7f55095ba7fd717bb8f33eb1c11d359ac3cff6fcee16c54ae0082f352789df104460202cab336ef3ed6c245fb59ca2dcfb40ed4cbaf3395b79a27004fc476246beb2cc51ebd11a999bef13bb3e8f5af71154a1e449d4f7557a5b753d58c37e3a450ee046e15b31f45df88c60b1112f0ec419a5da0b3f518d17577a9e4d55d8a769eb5d9f49c510e9f881c3d821120ad8463c937a76da2ab8c5910e754ef7255bf95a0ee2b467ae1c9c03eb73787dae3fc77aaa00926380533e31c61c65412e1a66e2bd989f4991e51aab40374636c554058d2cfed21caa1227dfce6d3451a4b822a2e8b26f247ff35eee0d72f39f198d82a5fe148001c08786c70bf2116fc830f836e8235e8a4a04a8008b0b9ec3050990ce3550c92cb969e8fa4ec3e3f9ad981d96d6ece40c3af76ba639dc88f11a9f87ef8b9497f5e4ada9018054e313a7423473f9be9bd8ba8e40edf89b9b782cb5f55003de6d36391bc4492a5a05ef196c1b55f008640189a1a059bee8753911403a9f61715d3131c74e7f6b3f0a8429ab51caf0017fab6379962d633a3c36a8b059cf6329b8e874cc08dd2193daf5f786e60177fa74283b7cd3ff764ec2786710c25f9a8096b11e2c5e98f668f1fe59fe6e181552bd5c2a79f01f5c7689149cb672752af8d7142ad1804adb774a6ebcaf214fd2ea7083e304220e8b36591020c0d984611ba6891c7948e4af2223b3a5a18f376a5ade131ae3141c02469676a76d06814d4dbc1376611162aa1d270903074df14c43b1cf824750f3ad81bcee0f9e47aa66fa012562c063eb4e523bb72576ee681e5992a6dea8886e35898dba74af5fda18cddc7f5e282117921eaf7a569c0afebbbbcbeeb1f20f030aeb673b79ed3c0242de1f294c69b9df9ee672445955b05acc0cb4cc252f2362cf20cbbd5114fc3f17baf4b8f6ed2c06225f719e8d576326115f0ac38210ab2c98502325ed08eb97f5c1cf7b8da5d8593ccf0240a2bc1fa2967bebc8b56c14eb09a77a110d1e1803e220820ee931d17aada9cc61cc06a1d00474cde80e136344130c99553702ebc4ca49c4ab4ca8a53083da3d8e6c1a1ad877157354a5b87d245817afd1f37d2c2937fcbe6e665914da386797c4811e5fc429ec974e08910c61a9f043fc6d08947af02e505be1ba171f50e1d361a63231205cd62e8128c1ae716e41f15544a81cec8c9e5b633e657f846046e945eb7cd637fd674816740628ac1330e1a483f75a405f74d885589afc5dc6fed504c3877402ff36da5a10b81ff3bc27d78cd3d1453bff64029969de20b3c7b244630f9598e5fda383af3747cb14a1bdc7ae5482b766f48e8543df5659d5769e3f3c92086edba069c3492d3e0f9741a2081390dd5b8113f3ad1d9003eb801a143b93cc6ee9180561dbf5887f5f34a4e9d0751215c604f9bd5d42b416f084e7fdf290ec2d0453bf3e71f02810982b7f5642a49f2e79a5690dd69170f441738d5a15f9d05185417bf558d8e866686150c18c247b03937abcf0f0b21f88ebd7d8f45f00ab8e58676560b2336003b8a255a9f204227fc6923c036f3afa61a65da391f5a706c3df87376ab17646427171db06cd90b2e20e1375b98ace778568d2c94a49e4bbc1e8968401346acca98ea9df83ece4a30b31db0cf06c4d2a84a35e45f7df0d03c2495385921ad141e23c663d556cb9025f6fb1b3ca12e1c7585f6d3341382e3a6f717312c06d4745de5954b0ddc9b919de0aa1a9cf831fb2d71d9e7db3e651794138278dd8cfc23cc366baa0e5c19cb8b8adf0c30a2ad2d2a485719426786ddc753bd763f480df536f3388e50b23ef99c7c50a157eba0f95f079c4fa8196f550bec1101144d69bfd95ef4b2b076b1317e86577620df4320ab9d1160b2d23482b2cd3a7ff8ae90ed582dd0ee472599603874312a12a1bfeec15343c7c83285e2e3d584db7bf6804f377960e754373f91422fd1783f5c927df5b2cb9e962cb5eaf12a627f00cf7835f83e712c31d36a6ed404cd8c4e46d1614e3b8df8ba2e58326d43b8eb12b71950ed8f601a0474d23a510aec5f1e0f54936b1769cad26ab4825e8976d18fbe096e7f004629e14f5bc1594afd0e7fb55b5d2323c105395e29d409de0f9e87419a3c7c2dac9b65540ca32be7d378b806239a06d873e6cf558c12251ae9b9456b9521aadc9373f5bc4dce083ec3065f9385035ad34ba272447c5e7f8936563e8c7e73da597cb66f2a527d2ac3fe503ce62769fe916095f56ab2771f0f07ad94df38cb169fe85ffeb92455de131cd554ccd9d25c617b4fcd70335b317daf251131a341f7430b382cf37c77c97e2c14b9e40e8f934eb23588b3d445aa964690cecdeb18e47cc7d7b65974652329d6318f0cf171c3b5bc007121dd22535a7a2497727cd29dd961e897da70802fd76679210667c06a526a9a3a5ee43e784a7d620a3674b8bb82341a37ac75e3a240c1d26a3ba682c50c2ddbcd7f9b17e0e3b33d22c66225f60dc0b94307a85a87268edfa44b134287b2120b19552448c7c0202c99661a41becc3c483c9ae6b2092035265b73870ba6a0afc78678a0f3c61f70ef0d3308e2e8f01e597e0dd6193f2aa4d24e7088ace4b34058f5d541e790ac3cdbdc380af39f693c6ef20e353e01fe1b374f410d62146db82ac78596eca99c895c1e62c10fc595efcc010c6ad0d7811f0610b12b03489493b4529c488764da7f406222a4e7ee880062ac3ae453cc010d667012ee96b6f5dc7aaaeadc26325da8cee020f9499e94a404250a82159684858cc556603d26e1a12a1b1cbd5455b3b3e26fa1559e39ca39bed279f0266d49c2bcbf9cb3696b8621cb46ec96670d05bfc1a1e3719ec136385eae37ed701bad6f0283f428b06184057be89b3a169d4012a197bd9b00d2e8cc1680eb907652b41f3e3cedfa855928970eb2f11d443b80f2c4e464e2060cedc99017e23afa3ec32eefa569912b06aaf558b7a8e2dff74ec82c13e9ad05d9914fa5ac01796dce6425f4e2ffd310cc13500bc37f205a58ebb860a2e562b73ea7e1aee714539e2a6ca3e9f0a3651ce3113762107e6aea5a0ed85e938e25055dc54a03dea519734a632bbc27898ba3784e1ef5cd5eb20462d3afa145a8dd04369e55db33ce40bb394f33fd9bbaf256ab1ae372755966b49346a996be69975881321acd1d979486d281c86dc77d31e9ecec00c271a6bf9abdb4d99189aab597e6335ed724bb51ba90e3374fcd935534537e37a9808c5a41ca96d2077500c6c58ac26c9c56581b69ee04b933a8fe7d06533c8206", 0x1000, 0xffff}, {&(0x7f00000012c0)="b0a6b5088d42ceba28d4c084fc525cff8ae7a71339c89710b3fa1addf20150b6078f8738c664386060026906862e6c77272b34b7eb9d68fbd14a402eef90be5bfc4191dd085c8ca6a9312a7b8d1113d42af00857ee6f6827880819be9a5cb01cf8864e0d016ab670e797a915fee027ce1b3a0ab9", 0x74, 0x7}, {&(0x7f0000001340)="20873f08f5317d2b0db4bc1004039cb4027e0bfee2530bf172eec91d60c9bbea58c3ac51605dcab8eb9ae7e57ee02a3e35b34dba48e96de0ec14e66c69651ff96152c22b8f6c651f72ed4facfd56fa8b9bca1b49a377416c8dc2ad08c201e2841738b2176fc7ddf4c9f8835db303a1f1c65023985dd63eeda62bec87b813ac711da2e729d4fd9db7d18dfa5480658b9751838dd6c7281a123b295889bb518fe1c644bef4407028a8de4b9777cefe2316c84df48444deb8f00b3d414cd49a77a0a91827c52a1328fe1c84021d538b479df44d2dcdac55829ab974170f7dc3ee6daa6d51f678b631fcf6217f864a618246ddec8a0119ae238cf8035a225e52c68ff8dd2bf4107b20149b0843c942518d5b0e457b2208c842493f5dc08090255ef4a0bbdfaee4450a4999539db032b468e556fbac9cf5c57aadc923fcf863e9ca854c0e11e0496eefcaa53718c41283d96a5d8c0ee9b51b0fdd6d90e21c0ab05a5c5e4b6c61f2807c770ae29ee0d703bc1cd44b354dd1611d880fac6af8b71ab7353770e7e102f52ebf1fc1f80a1f4c997ef3e60faea705e789a3d14f6cfb3f00484c2b1416807cbf00459a017d440c0b20c5fd938c8796a57c2616f51803283feeac9a546a850ba442b378d997a4f00465a4624bcfc4a81a7c3a9f8b77827d93086d0b78a27e530a8a28fb43d1375284726afcca51815f5e4536beb88f39447b6038de3d4109a8365c525c3cba8261bbcc16274aa21b3cb0d8ff38703e9a8c92bb4a9f04d71e4a591f519bea662ac14fd982b2ceb4d9d44e623808bcc4383acd2780b3abc9957b1487af33da6ddffb93df832c35e0fc8478a868c277f0e59e2ef9f19c95031a33461c922aa1e71fa7655ddb694a4fb4fd72ee66d3fffeaa92ed14df809d95ab9b190923f692e8d8e258ede8842a2fcb6fd51ad4052d626f3f46fbd0b5119e1b0c255976f27d4dc3f5cb9c136775b88ec1e84cc3f2a2c37e2691235878140353648a6e74aa73a91ba519063ecf33b240c3f84b6da00092aa516221078b8c1fcd615feb0935f30bdd0d15e58cfae13fca996546b48084fe23c7334ab729f00ac2a9083c90ce36878d5d5a43ad2d63821fc199429994a81054f90164e43ded75b6443acc5d0156c3cae2298609786db02ca1e5139469aa6829182ff946d4a8476a0ad14483b78f0625bb80ab130bb5c578b9070c8a095639bfa58b8cbdaf20455c1d9813b1ab8cb94273fa3c3e6dbe9dcb5d7c857a52aa310c7d9c0518bb182e94be470b41038431b2137844108c1d925b2548e32c20eef5d1a367a4fbfa65749ebb3a7b52ecca40e648a9a388df9fc6b92aea92ea590e87fd1d5229e780c867380a39f32f61d37ac73b43656f8ec5e56471ed991bdea22bc3d2da517625b135a76e83170c66aa20df44d05507163a3325b4eb03bc59a1ef4bdd566111a01162bc8a99aae0b5fdc90b2fe7f9474ab578a068262e5385e63ab0cd4b07de0197e88ec3044dba732b4d01585fa6c7300db11dd1c0746be879d8415eeb9792811aeb04372b0d0ed83ae2baae8b99f6102629a6c94f07033c47c94ba01bb989514cbe6eae155a68c6c3d89a7a72a1b307513c810cf5974c21ea2746d52e44dc4244dde7257cce2164b8d4f35b561eb7e770f103e2207f14fdc8bd6c803af9f7bc56b30d70acf716068dcef16583ebd030da62f81664a23ec9ddafdf14429a401de2baf900477cbc8c412e2f637b2e9331cf7c64abf89fc72e607d0db44f23e60c2471817e7a1090adc77b0d1bbfc3d6a1557ca57d89581d3ac91a5f2540a10b19b5553f4a0e62f539a764e416796ac98658a023a5d65d9d83797cf09d5240715c4e09dc2bd79bd8c62e01dfcad389d611b3d7ac860e72edba05d69e647a66325350db127dbccaaa5ff456e55643779273c1e584697de08d93d75eaaeef842c2e61be8d3ae05e0d539c3d426a6e4c8e6ecd46c7f08f0afee11d717d29cdf56dfa07d0880bbd85299a2e5b40a705c38bd4af3717ecd381137cbcce2ec22559cf3602edafcd426a436a304ed78ec2b4e04ac81ce6c157c37006d3f4c737df1409af175377f902a154eca832022d9518008ffbbad177685c1cf66be4dabcc6893eaab5f633babb73aa34c60139085f860af039f8096c961a7307fa3991f74bfbabd3c15f337dff8db45e77aaf6308c8c880aae06e8029ddf8bb04c1a482374060ea91ed91aa5d9806be70fd40b73302c1cf3742b27acac4f27a7bf2f2d4ba1b49af87465b462f9e1ad898dae51b6eb9827d6c877590fd8078234b4e3f333cb85418a3d57d6f1e145e958b5ce38d92e7408d785ebc50fadd5866bc7373a271aec2ca7dd5622f8455aa221a5ed9703143a687ed529ad94130443a127a2712f507eebad835f7a8aada47e972ae869078bc4bad198ad4a34cdc29e07d6c508e94a5b49f516bf07d8270e5fec345dac6e61ea548ec2df6437428763738f2c9f6511e2ec24cdca3d39445a626883bb1a901eb207a5a9d62455c2acc386c09cc93cb7ff01c06b6adf043c178aebd4d95fea26090ea989e0d0a9b8136a5229759c4a5a309e66264d96fc7a69985fd32f007fd65d491b90e513da3fd5f351fee0bf40756e9cef3a8c331f5da55a041f7ff0d947ef1ea0504ebd8d087bc54a2b2390a5b10c49c32c1c7c09e5f76b1cab03356aca681da7144f922467bb1e20f074c80e0d2589cdb813be72795b61f95be533d75fb84d37e5581e83ef6436528f1fd3deb9875fad7c86517960bdaa32f69607e556c9a617bbdba61268a68dac1d1587489ba7f32c9015d83a92cb263a35292f6725c8ca173bdebf96d315ff7d6db1877a53cfd46c5f5aeb21cc7c1191decfc39528adb78b6be5b700ba57d72f26a28d4ff9ede80a83499376c00616f3d5a82b9bf19839d9ed423c26d7bc2e5ee09c112f0e3fa8260d01d9d34b1cf012843ba321525ab08a1107b50f4897600434adebc70914f7ff11c49fcf5dea1ac95327f90ed6706ec6d743f8d939c0bd443da1674cd4e3c2d00f83ccbd0accca4cf521542d324906e7ca141f19d971b7b736f336a960d9013c703ef56ba4c3a22e050bf8083a1a290de8efc06ac1a0f321287920d59bfaa0c1ad99cb08759cedb400d0c6cf76e16e1814d5862980e2f26f16e9c9c36aa843e37f82dd8768520f437a45eea5cca47f8918552586002936fd717f404a435270a76d6ed6f4f18537956af4c4aba4cc4ea9860ceefe26002d49444fef1414044b3adad66054a528fef2078fba0914a4cf70a7dd8e51496e1dfdb8de9165f74b9d5088f52a5335279862bc8d0a730952be6af571392c6aae808f3f2390c5044e8f8e444e30f959baffe3cf5f4e0a7900ba91d5362a527c1160db562c64a0fde830ca31b64824e0c4ac822d8d9b9d45e39d4cc0d02d74c0751ef3b2816bae5dd0af3d356100997371d18ae647730d06a9f4a21194093541a815a11eb45c6d66c709638a1bff1e002ba51291295268b4aaaaf1105b16d3843ae718e7a18687cbb0a49a3480df7c20ec0fad725c54942b885f582301b7354286730fc84243ebdb566237acd6d7aee1722282d2b546a002908a560f7be2c65927e7b6a53ed37e230469bb3fd7764fbbd04313df4c2545edba2bf71680f8d90b32d50c079ed855b107d15f968008212c7f984316e835c73eb152d93f388bfd692494f61434076e42edbf1db5d09305988c405f4f02b8c962cbc9eb640b5efb5120ea16964c9f37f8611b4deb68bcea588305367381c8664937b22e1c7ddd2fd10f238d2e3ebc99ccfe09aa5e9ab37881c097a33f65a2ce090e5ab034ea605930e3860638c21e7c220ea90676a163671f5c6178c907c322ddc58de0a772f538eecd6fd2c40866375c778aaa84dd0821905e77dc4a4bcec8c0d2a86eae539ab8fde8933690a905c56d3cb4df87187d6c08e4a4780bb04a7e05f4545b176d31a94fe4935afbf38ad29aa36227efca84685346ebe8977c0e4a5f912c8e80b600f732ae3f6a0da90f8ffe219d9b89e408512b1a764f41f64494fa3080f9b4cc16185a536d19c267328919af58c038162d7d82a0ba0ffae8efbc2a8197451aa4dec915b5c5849f3e16dccdbe06a4c1d46004245022f1a65055b3ecb7d1c32b79c9f6486680ce1514e7cfa1d6983b1336d112477971d01a28a1c5ec8b590f1b97b71e27125fc6c6d03ab71c888caf0e75e3ba1420c7455576cc878ceca07e4c9103df788027c7a53db8c10b1e8fcf96ffa7d5fd8b4f8d605f95bc1af9c44b7ab251d896bf423a5da5ea2c99700fddcfbeed1e3acf73797e13b60c6f61eec663904dbf042e85b32c581da1351f67ee77167b41c4e4f734745e6c4f8d35a48282f69e08a34a5fd39a1e03d9fb042b510f603231e3324ba1b6523d3b185d89c0ad31194ad7ae1a4e8195d22feb6c682dc09c6af78a8cd63fcf09073519a3f5683c2adc76a56a676f4ece5712b0843cc72c90f49aa958d9a4c0c483f486f9b51d25caad6b36f95c3a808ea616bbbe17785333aae665e0b9a7b64adc167104afc7739f344a36ec6f96142196f4a3ab991edfbe9d4f9a67619ec98f99ad82d673f0aa5d6144eafe476d91f4aec4f8a82a9be6f97b6c628dc6ab497d93f1f8cd3c9c3d741f78e511187dcc1ce962aa249422e62e2ae3a92e5281a00073f33ae42044c820081df1b0c5ac4b8c8fd81b18685577d7076d0b75975ecaff8afb66c2f00f516c4f6a0f34c7bb3cea85c8c717d0395f9b183e572b269a1f58d6c4aca362c9b4aa19201a8678ec5abc17aa77cd2d10d92a9d223f8c1615fedc03e8144fc78f9b0235badc2dd7d23359eb91e88bcbe522b0833fbd8152feeb4d08b6a3dd02cd8d3d982748e8b2d75dd044822624953ef13e1bd875bd48ae20d513a0474cb7dc34695bf549c2fa7c0ee8d3e5c5d9c4d7dd911cb6eae0ec6a7ef3ddb1763af0b3b3be87a3056fec00dce05c675b897b45c50a5185950deffdbdf7a89b8cda6b5605b0ffc3d2f35bdbb0313d45c891085fd31e8666e256f132a66de2c5ee0323bfba9d4c41f5f8f51951eac7907bc7833ebaabea1c4ec9062b2318141cb4bb96a4e68ba67fed334d4c9c73b08609f692970f09423ce55eb2380ac2a690b29b635afba163beed9965744009856044bc713288a1b843ff8e0ff6f000c8870c569390b126d9a140c53f427e0c7d48f78c2e3e9616440aafd3524c209fa978d79d0e5edbc0c9367a1d64fd0cef2703bacf3e122dbf6f7b69849a69399b1b6cdfafe542701a88f3769ffbda3402f50f0caf7a7868af50e6722002b985161dfd89cb3200f2aa17b22152503b28c6068e45b3021d44b84920fbef14bcc560d4d3510096a1006265988ef148707c540e64599442be89a09755a48c9b12269c57ae5a78587bff0758bd5351ed05543d6286718712037e57ecd6b96797cea8eb884a66ffb82d8c2bf0d51a9626a82fd1dd1cb4ef478d9e61e8190db3ee96ba3065a9534692c00b2e72275e0dcc7e54e42540b556ce498916951ced302b0584c3fcb04464f1496290cfaa04b53a4b838fd8d3af74ac1b67b883e526d8140a31f8f7e40be79b8faae570433f778e8f36a6587080a7c66de9f40f105190b77455e3b3d3a72d98f2bc46ef89f1e270e52551459329fcc0ce6d1d3cb87f9cb5eaa647eb194ec43f157a9e5a3d0459f2361370b8067955a064c185e9d54384414b78318caa6b58708f5adcdf8219beb6629d19e30b07f64f97df1c4aeb45c79f6945900455b101608717d5a5e128af08a9fafa721d882f4", 0x1000, 0x9}, {&(0x7f0000002340)="fbc5c0921eed8c1623ad5b205fae236a56874aef552d3d3e2357d37dda185e30a83d4afd86d59e720355d3e9e35bb0c698faec7e7763e3a5ba665ee9185648e4f3062ec37ba1353d90678e6c5688b15d2597ce05c546877d793bbf55cbd0e731ae05d53a79c9d9f361992971e3871287424a07de28f01ea9e7e9a88ed2265a1f1af9951dd471b1bf402c21f5db2ecb9b714f77ddb43f88028601194649adf17f1d960e5fdd841f9cd8d71e546ce7d7dbeef23f72380d2956d02c52bcea8fa00569622d5bce98f9387a48c358abc63e2a8715e2aaf454779a96aae4eba584916a417fffdb", 0xe4, 0x80000001}], 0x4001, &(0x7f0000002540)={[{@quota='quota'}, {@umask={'umask', 0x3d, 0x80000000}}, {@discard='discard'}, {@resize='resize'}, {@nointegrity='nointegrity'}, {@gid={'gid'}}, {@errors_remount='errors=remount-ro'}], [{@context={'context', 0x3d, 'root'}}, {@uid_gt={'uid>', r5}}, {@measure='measure'}, {@pcr={'pcr', 0x3d, 0x1f}}, {@smackfsdef={'smackfsdef', 0x3d, '/dev/dri/card#\x00'}}, {@obj_user={'obj_user', 0x3d, '\'^*bdev'}}]})
setresuid(0x0, r5, 0xee00)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
fcntl$dupfd(r7, 0x406, r7)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x202000, 0x0)
ioctl$TIOCMSET(r8, 0x5418, &(0x7f0000000040)=0x4)
sendfile(r0, r7, 0x0, 0x400)

[ 2685.569044] audit: type=1800 audit(1588638887.434:284): pid=26882 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16391 res=0
[ 2685.621590] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2685.634874] audit: type=1804 audit(1588638887.494:285): pid=26884 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1382/bus" dev="sda1" ino=16402 res=1
[ 2685.682799] jfs: Unrecognized mount option "umask=0x0000000é€of080000000" or missing value
[ 2685.695188] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2685.700005] Process accounting resumed
00:34:47 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0xc)

[ 2685.736588] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2685.749834] Process accounting resumed
00:34:47 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="d8000000030701030000000000000000050000010800054000000001340007800800024000000009080a0140000000040800014000000006080002400000000908000140ffffffff080001400000000508000540000000010c00034000000000000000000900010073797a31000000002400078008000140fffbff7f080001400000000608000140000000010800014000000800080005400000000234000780080001400000001f0800024000000007080002400000010008000140000000040800014000000000080002400000003e0800054000000002"], 0xd8}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendfile(r0, r3, 0x0, 0x400)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@private1, 0x8001, 0x0, 0x1, 0x3, 0x8, 0x800}, 0x20)
timerfd_create(0x3, 0x40000)

[ 2685.791000] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
00:34:47 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff009)

[ 2685.868227] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2685.885262] audit: type=1800 audit(1588638887.754:286): pid=26918 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16402 res=0
[ 2685.940706] MINIX-fs: mounting unchecked file system, running fsck is recommended
00:34:47 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c100400000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2685.971190] audit: type=1804 audit(1588638887.844:287): pid=26925 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1383/bus" dev="sda1" ino=16531 res=1
[ 2686.009061] Process accounting resumed
00:34:47 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0xd)

00:34:47 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(0x0, r4)
r5 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$chown(0x4, r5, r4, 0x0)
syz_mount_image$jfs(&(0x7f00000001c0)='jfs\x00', &(0x7f0000000200)='./bus\x00', 0x6, 0x5, &(0x7f0000002440)=[{&(0x7f0000000240)="01672d4b14911985c0147601da0a04d2da9f4cecc46a540de639fe302fef9932e174e04983e4b7f086d0a62d8aa3f90529eb4c63f1dda7b2dc3f91a2248d28f5c179bea4cf81151b616caf89a7d802a16fbb2deabcc3bd762140233265", 0x5d, 0xffffffffffff4e72}, {&(0x7f00000002c0)="470c79323ffd533d73f6a28777e8a31f7f7361aa5ff0df8df5e212bf1f07f05e9b78ccae51d1a8e2ef22f82a2790b73e4cf0d038f8c16ef0ac66435aae5bbe81f4989a2b4eacd50af5177bcf1458f526eb593274d227b8f2e086659892531a2809f24a99790669b99f0a50d06202d585ebc4d1652dda806f0414028a236bc8859cba7c7185a1907732efa65904b6a02a73d8e28f74bdb3065acb19751bac1327d3ecebc434dc9753bd49b36aa1e41728c3309f8b322ad3fd8ce0c9b6b2e4be3bad3bcbf3dab2a3566bc74b45f3773e9f1cc55edcc69e8f52158687cf30e3ced3ad0c277bcda3433e0b03a8252af5b95fdc3a6529b9e9b6ca6847890043c0883d2fc138deea0c08ec35837eb9692917c39ce86c4935e4887abca771688399714c7a1faac063ac0c2fb93b76e8c38b339a89301e9e35bb7791e8490dda3a0f0e79c5154326d0b1da8ac3f9a860b0297173f8e1552e0bfaf8ef5475dd0a41685df2520835209e48ef3231a2c059e1e2a0ce36ae3a837044bf231e0e23519f71c56c8e79b6aa5309fae12a35eb2da6ba856c14e6c3c6125b377dc7590c1b7412a74687639128bc205e69c892231061328b7e16112b987e47b69287d35ca0da308f1300bfd613d390aefb4fd530c9cc93474174e9787b41aba3f4e266d860edb6d9b1b4edd3a2f82f495d8478e7a3f0d05b2d14c71a17dd2aa4ab6c57173a3eafb6ced5dd146f2d8cc45617540cf35451a6c13c5ff127781dee7dcc7e0763705ab0e86ac97210423b0e74c61f984e0f3575b1de1d4437e8586d85ed5d0af7fddfec9f4913d7f7a0d72b33bfd305d097b1304f9df77b44a91d3056df8b056b7b3777b9807213942b5e386be6f6fd54f2e487dc66b4b294107dd5e4154461e060d1413c46035d8b541827ae4517394ae256af125c5fb2ae6cc2faa7486d909988643c7a04af111272e7662d95432820746938939fb9d8644f75133eef2e2bb6637b5b947061aaa49fe800569cd8a3bea2afb67bd8d22404ed5300b310515f54359519e3fcf15bfd1cd223d5e389bfdc168ee04d89967d475fab35a4289ded024f04f72f19008b4ef4747e61f41fc2b81f55d77aff7568469a01895037e10bbfd7138c53fd0753ccda1b73594417c3fadaaef9ccaec8a639aed28d23fb4eefc931dd0923bd069912da2b977989968234edb73ec9d9ae3c90e057a1937b48d4499120ee6010d5d66651b10965da5e446f9592fb13a2ecbb4978b4d9f513575f80ed643102fc107416401dad8f208c2c256b936bca6c65a19247ccaa0ff753f2735af1d075279f85825f474cbda0f1cd41c3fad8345b5add1d0c6ad7bba3724e6a88d15c8a9bd5da76ad3ea845e0af870d99044a9243abe41ae95e0c1f64c0294230681b45f58e7d780de8352ae8fc7f050fbb012ecac0b76e585450eb2ef0a434eebed468b11bbe3a68bd14fe374cad4e35db820e4045980a96ab06063550c09ce9ae68d839d6883cd748fdd92567abd8521e55013d758295777d1055bf1c78b1b0b45fadba816a9e68f82f119be3f1e0998d0b1eead81d763d7fd604d0a0d1c1e4a48614a6ee1e6a1ca5adb9e8873b299a37e22ac001fc4e833f2fd6e4e1c1b4c9457a65dd14fcfe8587299f15aca56eb663160f2040485d6eaea39aec2a842a045832b5de445c416972ff69e2fd248a248a406d6da2e42ea0909e2c48a55c49793bb458a66fee097c45d6bdb1a0c6414f10aec33f4e69ebf48223bd894290e8dfda419095a0363832100d51379d0a0c98df7a78a4a73ce93a078f7d987996086a4c3506dddcd22a56bf82e52e5710189d27527422897f0eaf7bfb042d630211ca906ff36feae938f29701a3ded80f624b9f2a40aa5edb758fd7fb0e2b85bce06d6c0251f398729f689b52f4df7ff98e3f9101e84437c9ca499e9c58ae89e541e491bd251e752712eabbe1ca239259f016bb1e85890f35b86ca6f5e49af346123c278bdf3214ced66af69973eda7db9b62c212292e834eabd012aa25ee0576d74cbf86d315b953228806282c316f5f72e243210c631ad53d980b067ab1b746b5aa13eb5142430935e0aaf6788a8d14f2dc744f564562b867bd553ae9141021b4a58012abd4b464aa09a1124449b667fb7b4ba4aef536337e04dc1f05a5291164fe6854a2172a299c3187c52f6e65ba590342809160bbf9df942d7a25587cc299eafab1ed49fd002c4d57c1dcb4b5709b151422b39e5304d297feb66663081a40cb67e41fce27d7e85dc402e40aaa8bcc9b6f9acd12ab07caf4b88681e483b3e74d14fab303037131885e9cd4a45cd81a1c66a0fd6ab77fbdbdf1c1161be32f429f7f94585c114b0c00697f1b4c45cb99319129c854b4aa46547a4c599065598c4fc170ccaa9822b7a3ff244608e0e5106558de70ab332f90a15f0af8cd023144166857c8fa8185f2e246c5ee02ede0e1ed8c3eab533f928c750f80da594c41dd3856da2c6b41603eeee7f55095ba7fd717bb8f33eb1c11d359ac3cff6fcee16c54ae0082f352789df104460202cab336ef3ed6c245fb59ca2dcfb40ed4cbaf3395b79a27004fc476246beb2cc51ebd11a999bef13bb3e8f5af71154a1e449d4f7557a5b753d58c37e3a450ee046e15b31f45df88c60b1112f0ec419a5da0b3f518d17577a9e4d55d8a769eb5d9f49c510e9f881c3d821120ad8463c937a76da2ab8c5910e754ef7255bf95a0ee2b467ae1c9c03eb73787dae3fc77aaa00926380533e31c61c65412e1a66e2bd989f4991e51aab40374636c554058d2cfed21caa1227dfce6d3451a4b822a2e8b26f247ff35eee0d72f39f198d82a5fe148001c08786c70bf2116fc830f836e8235e8a4a04a8008b0b9ec3050990ce3550c92cb969e8fa4ec3e3f9ad981d96d6ece40c3af76ba639dc88f11a9f87ef8b9497f5e4ada9018054e313a7423473f9be9bd8ba8e40edf89b9b782cb5f55003de6d36391bc4492a5a05ef196c1b55f008640189a1a059bee8753911403a9f61715d3131c74e7f6b3f0a8429ab51caf0017fab6379962d633a3c36a8b059cf6329b8e874cc08dd2193daf5f786e60177fa74283b7cd3ff764ec2786710c25f9a8096b11e2c5e98f668f1fe59fe6e181552bd5c2a79f01f5c7689149cb672752af8d7142ad1804adb774a6ebcaf214fd2ea7083e304220e8b36591020c0d984611ba6891c7948e4af2223b3a5a18f376a5ade131ae3141c02469676a76d06814d4dbc1376611162aa1d270903074df14c43b1cf824750f3ad81bcee0f9e47aa66fa012562c063eb4e523bb72576ee681e5992a6dea8886e35898dba74af5fda18cddc7f5e282117921eaf7a569c0afebbbbcbeeb1f20f030aeb673b79ed3c0242de1f294c69b9df9ee672445955b05acc0cb4cc252f2362cf20cbbd5114fc3f17baf4b8f6ed2c06225f719e8d576326115f0ac38210ab2c98502325ed08eb97f5c1cf7b8da5d8593ccf0240a2bc1fa2967bebc8b56c14eb09a77a110d1e1803e220820ee931d17aada9cc61cc06a1d00474cde80e136344130c99553702ebc4ca49c4ab4ca8a53083da3d8e6c1a1ad877157354a5b87d245817afd1f37d2c2937fcbe6e665914da386797c4811e5fc429ec974e08910c61a9f043fc6d08947af02e505be1ba171f50e1d361a63231205cd62e8128c1ae716e41f15544a81cec8c9e5b633e657f846046e945eb7cd637fd674816740628ac1330e1a483f75a405f74d885589afc5dc6fed504c3877402ff36da5a10b81ff3bc27d78cd3d1453bff64029969de20b3c7b244630f9598e5fda383af3747cb14a1bdc7ae5482b766f48e8543df5659d5769e3f3c92086edba069c3492d3e0f9741a2081390dd5b8113f3ad1d9003eb801a143b93cc6ee9180561dbf5887f5f34a4e9d0751215c604f9bd5d42b416f084e7fdf290ec2d0453bf3e71f02810982b7f5642a49f2e79a5690dd69170f441738d5a15f9d05185417bf558d8e866686150c18c247b03937abcf0f0b21f88ebd7d8f45f00ab8e58676560b2336003b8a255a9f204227fc6923c036f3afa61a65da391f5a706c3df87376ab17646427171db06cd90b2e20e1375b98ace778568d2c94a49e4bbc1e8968401346acca98ea9df83ece4a30b31db0cf06c4d2a84a35e45f7df0d03c2495385921ad141e23c663d556cb9025f6fb1b3ca12e1c7585f6d3341382e3a6f717312c06d4745de5954b0ddc9b919de0aa1a9cf831fb2d71d9e7db3e651794138278dd8cfc23cc366baa0e5c19cb8b8adf0c30a2ad2d2a485719426786ddc753bd763f480df536f3388e50b23ef99c7c50a157eba0f95f079c4fa8196f550bec1101144d69bfd95ef4b2b076b1317e86577620df4320ab9d1160b2d23482b2cd3a7ff8ae90ed582dd0ee472599603874312a12a1bfeec15343c7c83285e2e3d584db7bf6804f377960e754373f91422fd1783f5c927df5b2cb9e962cb5eaf12a627f00cf7835f83e712c31d36a6ed404cd8c4e46d1614e3b8df8ba2e58326d43b8eb12b71950ed8f601a0474d23a510aec5f1e0f54936b1769cad26ab4825e8976d18fbe096e7f004629e14f5bc1594afd0e7fb55b5d2323c105395e29d409de0f9e87419a3c7c2dac9b65540ca32be7d378b806239a06d873e6cf558c12251ae9b9456b9521aadc9373f5bc4dce083ec3065f9385035ad34ba272447c5e7f8936563e8c7e73da597cb66f2a527d2ac3fe503ce62769fe916095f56ab2771f0f07ad94df38cb169fe85ffeb92455de131cd554ccd9d25c617b4fcd70335b317daf251131a341f7430b382cf37c77c97e2c14b9e40e8f934eb23588b3d445aa964690cecdeb18e47cc7d7b65974652329d6318f0cf171c3b5bc007121dd22535a7a2497727cd29dd961e897da70802fd76679210667c06a526a9a3a5ee43e784a7d620a3674b8bb82341a37ac75e3a240c1d26a3ba682c50c2ddbcd7f9b17e0e3b33d22c66225f60dc0b94307a85a87268edfa44b134287b2120b19552448c7c0202c99661a41becc3c483c9ae6b2092035265b73870ba6a0afc78678a0f3c61f70ef0d3308e2e8f01e597e0dd6193f2aa4d24e7088ace4b34058f5d541e790ac3cdbdc380af39f693c6ef20e353e01fe1b374f410d62146db82ac78596eca99c895c1e62c10fc595efcc010c6ad0d7811f0610b12b03489493b4529c488764da7f406222a4e7ee880062ac3ae453cc010d667012ee96b6f5dc7aaaeadc26325da8cee020f9499e94a404250a82159684858cc556603d26e1a12a1b1cbd5455b3b3e26fa1559e39ca39bed279f0266d49c2bcbf9cb3696b8621cb46ec96670d05bfc1a1e3719ec136385eae37ed701bad6f0283f428b06184057be89b3a169d4012a197bd9b00d2e8cc1680eb907652b41f3e3cedfa855928970eb2f11d443b80f2c4e464e2060cedc99017e23afa3ec32eefa569912b06aaf558b7a8e2dff74ec82c13e9ad05d9914fa5ac01796dce6425f4e2ffd310cc13500bc37f205a58ebb860a2e562b73ea7e1aee714539e2a6ca3e9f0a3651ce3113762107e6aea5a0ed85e938e25055dc54a03dea519734a632bbc27898ba3784e1ef5cd5eb20462d3afa145a8dd04369e55db33ce40bb394f33fd9bbaf256ab1ae372755966b49346a996be69975881321acd1d979486d281c86dc77d31e9ecec00c271a6bf9abdb4d99189aab597e6335ed724bb51ba90e3374fcd935534537e37a9808c5a41ca96d2077500c6c58ac26c9c56581b69ee04b933a8fe7d06533c8206", 0x1000, 0xffff}, {&(0x7f00000012c0)="b0a6b5088d42ceba28d4c084fc525cff8ae7a71339c89710b3fa1addf20150b6078f8738c664386060026906862e6c77272b34b7eb9d68fbd14a402eef90be5bfc4191dd085c8ca6a9312a7b8d1113d42af00857ee6f6827880819be9a5cb01cf8864e0d016ab670e797a915fee027ce1b3a0ab9", 0x74, 0x7}, {&(0x7f0000001340)="20873f08f5317d2b0db4bc1004039cb4027e0bfee2530bf172eec91d60c9bbea58c3ac51605dcab8eb9ae7e57ee02a3e35b34dba48e96de0ec14e66c69651ff96152c22b8f6c651f72ed4facfd56fa8b9bca1b49a377416c8dc2ad08c201e2841738b2176fc7ddf4c9f8835db303a1f1c65023985dd63eeda62bec87b813ac711da2e729d4fd9db7d18dfa5480658b9751838dd6c7281a123b295889bb518fe1c644bef4407028a8de4b9777cefe2316c84df48444deb8f00b3d414cd49a77a0a91827c52a1328fe1c84021d538b479df44d2dcdac55829ab974170f7dc3ee6daa6d51f678b631fcf6217f864a618246ddec8a0119ae238cf8035a225e52c68ff8dd2bf4107b20149b0843c942518d5b0e457b2208c842493f5dc08090255ef4a0bbdfaee4450a4999539db032b468e556fbac9cf5c57aadc923fcf863e9ca854c0e11e0496eefcaa53718c41283d96a5d8c0ee9b51b0fdd6d90e21c0ab05a5c5e4b6c61f2807c770ae29ee0d703bc1cd44b354dd1611d880fac6af8b71ab7353770e7e102f52ebf1fc1f80a1f4c997ef3e60faea705e789a3d14f6cfb3f00484c2b1416807cbf00459a017d440c0b20c5fd938c8796a57c2616f51803283feeac9a546a850ba442b378d997a4f00465a4624bcfc4a81a7c3a9f8b77827d93086d0b78a27e530a8a28fb43d1375284726afcca51815f5e4536beb88f39447b6038de3d4109a8365c525c3cba8261bbcc16274aa21b3cb0d8ff38703e9a8c92bb4a9f04d71e4a591f519bea662ac14fd982b2ceb4d9d44e623808bcc4383acd2780b3abc9957b1487af33da6ddffb93df832c35e0fc8478a868c277f0e59e2ef9f19c95031a33461c922aa1e71fa7655ddb694a4fb4fd72ee66d3fffeaa92ed14df809d95ab9b190923f692e8d8e258ede8842a2fcb6fd51ad4052d626f3f46fbd0b5119e1b0c255976f27d4dc3f5cb9c136775b88ec1e84cc3f2a2c37e2691235878140353648a6e74aa73a91ba519063ecf33b240c3f84b6da00092aa516221078b8c1fcd615feb0935f30bdd0d15e58cfae13fca996546b48084fe23c7334ab729f00ac2a9083c90ce36878d5d5a43ad2d63821fc199429994a81054f90164e43ded75b6443acc5d0156c3cae2298609786db02ca1e5139469aa6829182ff946d4a8476a0ad14483b78f0625bb80ab130bb5c578b9070c8a095639bfa58b8cbdaf20455c1d9813b1ab8cb94273fa3c3e6dbe9dcb5d7c857a52aa310c7d9c0518bb182e94be470b41038431b2137844108c1d925b2548e32c20eef5d1a367a4fbfa65749ebb3a7b52ecca40e648a9a388df9fc6b92aea92ea590e87fd1d5229e780c867380a39f32f61d37ac73b43656f8ec5e56471ed991bdea22bc3d2da517625b135a76e83170c66aa20df44d05507163a3325b4eb03bc59a1ef4bdd566111a01162bc8a99aae0b5fdc90b2fe7f9474ab578a068262e5385e63ab0cd4b07de0197e88ec3044dba732b4d01585fa6c7300db11dd1c0746be879d8415eeb9792811aeb04372b0d0ed83ae2baae8b99f6102629a6c94f07033c47c94ba01bb989514cbe6eae155a68c6c3d89a7a72a1b307513c810cf5974c21ea2746d52e44dc4244dde7257cce2164b8d4f35b561eb7e770f103e2207f14fdc8bd6c803af9f7bc56b30d70acf716068dcef16583ebd030da62f81664a23ec9ddafdf14429a401de2baf900477cbc8c412e2f637b2e9331cf7c64abf89fc72e607d0db44f23e60c2471817e7a1090adc77b0d1bbfc3d6a1557ca57d89581d3ac91a5f2540a10b19b5553f4a0e62f539a764e416796ac98658a023a5d65d9d83797cf09d5240715c4e09dc2bd79bd8c62e01dfcad389d611b3d7ac860e72edba05d69e647a66325350db127dbccaaa5ff456e55643779273c1e584697de08d93d75eaaeef842c2e61be8d3ae05e0d539c3d426a6e4c8e6ecd46c7f08f0afee11d717d29cdf56dfa07d0880bbd85299a2e5b40a705c38bd4af3717ecd381137cbcce2ec22559cf3602edafcd426a436a304ed78ec2b4e04ac81ce6c157c37006d3f4c737df1409af175377f902a154eca832022d9518008ffbbad177685c1cf66be4dabcc6893eaab5f633babb73aa34c60139085f860af039f8096c961a7307fa3991f74bfbabd3c15f337dff8db45e77aaf6308c8c880aae06e8029ddf8bb04c1a482374060ea91ed91aa5d9806be70fd40b73302c1cf3742b27acac4f27a7bf2f2d4ba1b49af87465b462f9e1ad898dae51b6eb9827d6c877590fd8078234b4e3f333cb85418a3d57d6f1e145e958b5ce38d92e7408d785ebc50fadd5866bc7373a271aec2ca7dd5622f8455aa221a5ed9703143a687ed529ad94130443a127a2712f507eebad835f7a8aada47e972ae869078bc4bad198ad4a34cdc29e07d6c508e94a5b49f516bf07d8270e5fec345dac6e61ea548ec2df6437428763738f2c9f6511e2ec24cdca3d39445a626883bb1a901eb207a5a9d62455c2acc386c09cc93cb7ff01c06b6adf043c178aebd4d95fea26090ea989e0d0a9b8136a5229759c4a5a309e66264d96fc7a69985fd32f007fd65d491b90e513da3fd5f351fee0bf40756e9cef3a8c331f5da55a041f7ff0d947ef1ea0504ebd8d087bc54a2b2390a5b10c49c32c1c7c09e5f76b1cab03356aca681da7144f922467bb1e20f074c80e0d2589cdb813be72795b61f95be533d75fb84d37e5581e83ef6436528f1fd3deb9875fad7c86517960bdaa32f69607e556c9a617bbdba61268a68dac1d1587489ba7f32c9015d83a92cb263a35292f6725c8ca173bdebf96d315ff7d6db1877a53cfd46c5f5aeb21cc7c1191decfc39528adb78b6be5b700ba57d72f26a28d4ff9ede80a83499376c00616f3d5a82b9bf19839d9ed423c26d7bc2e5ee09c112f0e3fa8260d01d9d34b1cf012843ba321525ab08a1107b50f4897600434adebc70914f7ff11c49fcf5dea1ac95327f90ed6706ec6d743f8d939c0bd443da1674cd4e3c2d00f83ccbd0accca4cf521542d324906e7ca141f19d971b7b736f336a960d9013c703ef56ba4c3a22e050bf8083a1a290de8efc06ac1a0f321287920d59bfaa0c1ad99cb08759cedb400d0c6cf76e16e1814d5862980e2f26f16e9c9c36aa843e37f82dd8768520f437a45eea5cca47f8918552586002936fd717f404a435270a76d6ed6f4f18537956af4c4aba4cc4ea9860ceefe26002d49444fef1414044b3adad66054a528fef2078fba0914a4cf70a7dd8e51496e1dfdb8de9165f74b9d5088f52a5335279862bc8d0a730952be6af571392c6aae808f3f2390c5044e8f8e444e30f959baffe3cf5f4e0a7900ba91d5362a527c1160db562c64a0fde830ca31b64824e0c4ac822d8d9b9d45e39d4cc0d02d74c0751ef3b2816bae5dd0af3d356100997371d18ae647730d06a9f4a21194093541a815a11eb45c6d66c709638a1bff1e002ba51291295268b4aaaaf1105b16d3843ae718e7a18687cbb0a49a3480df7c20ec0fad725c54942b885f582301b7354286730fc84243ebdb566237acd6d7aee1722282d2b546a002908a560f7be2c65927e7b6a53ed37e230469bb3fd7764fbbd04313df4c2545edba2bf71680f8d90b32d50c079ed855b107d15f968008212c7f984316e835c73eb152d93f388bfd692494f61434076e42edbf1db5d09305988c405f4f02b8c962cbc9eb640b5efb5120ea16964c9f37f8611b4deb68bcea588305367381c8664937b22e1c7ddd2fd10f238d2e3ebc99ccfe09aa5e9ab37881c097a33f65a2ce090e5ab034ea605930e3860638c21e7c220ea90676a163671f5c6178c907c322ddc58de0a772f538eecd6fd2c40866375c778aaa84dd0821905e77dc4a4bcec8c0d2a86eae539ab8fde8933690a905c56d3cb4df87187d6c08e4a4780bb04a7e05f4545b176d31a94fe4935afbf38ad29aa36227efca84685346ebe8977c0e4a5f912c8e80b600f732ae3f6a0da90f8ffe219d9b89e408512b1a764f41f64494fa3080f9b4cc16185a536d19c267328919af58c038162d7d82a0ba0ffae8efbc2a8197451aa4dec915b5c5849f3e16dccdbe06a4c1d46004245022f1a65055b3ecb7d1c32b79c9f6486680ce1514e7cfa1d6983b1336d112477971d01a28a1c5ec8b590f1b97b71e27125fc6c6d03ab71c888caf0e75e3ba1420c7455576cc878ceca07e4c9103df788027c7a53db8c10b1e8fcf96ffa7d5fd8b4f8d605f95bc1af9c44b7ab251d896bf423a5da5ea2c99700fddcfbeed1e3acf73797e13b60c6f61eec663904dbf042e85b32c581da1351f67ee77167b41c4e4f734745e6c4f8d35a48282f69e08a34a5fd39a1e03d9fb042b510f603231e3324ba1b6523d3b185d89c0ad31194ad7ae1a4e8195d22feb6c682dc09c6af78a8cd63fcf09073519a3f5683c2adc76a56a676f4ece5712b0843cc72c90f49aa958d9a4c0c483f486f9b51d25caad6b36f95c3a808ea616bbbe17785333aae665e0b9a7b64adc167104afc7739f344a36ec6f96142196f4a3ab991edfbe9d4f9a67619ec98f99ad82d673f0aa5d6144eafe476d91f4aec4f8a82a9be6f97b6c628dc6ab497d93f1f8cd3c9c3d741f78e511187dcc1ce962aa249422e62e2ae3a92e5281a00073f33ae42044c820081df1b0c5ac4b8c8fd81b18685577d7076d0b75975ecaff8afb66c2f00f516c4f6a0f34c7bb3cea85c8c717d0395f9b183e572b269a1f58d6c4aca362c9b4aa19201a8678ec5abc17aa77cd2d10d92a9d223f8c1615fedc03e8144fc78f9b0235badc2dd7d23359eb91e88bcbe522b0833fbd8152feeb4d08b6a3dd02cd8d3d982748e8b2d75dd044822624953ef13e1bd875bd48ae20d513a0474cb7dc34695bf549c2fa7c0ee8d3e5c5d9c4d7dd911cb6eae0ec6a7ef3ddb1763af0b3b3be87a3056fec00dce05c675b897b45c50a5185950deffdbdf7a89b8cda6b5605b0ffc3d2f35bdbb0313d45c891085fd31e8666e256f132a66de2c5ee0323bfba9d4c41f5f8f51951eac7907bc7833ebaabea1c4ec9062b2318141cb4bb96a4e68ba67fed334d4c9c73b08609f692970f09423ce55eb2380ac2a690b29b635afba163beed9965744009856044bc713288a1b843ff8e0ff6f000c8870c569390b126d9a140c53f427e0c7d48f78c2e3e9616440aafd3524c209fa978d79d0e5edbc0c9367a1d64fd0cef2703bacf3e122dbf6f7b69849a69399b1b6cdfafe542701a88f3769ffbda3402f50f0caf7a7868af50e6722002b985161dfd89cb3200f2aa17b22152503b28c6068e45b3021d44b84920fbef14bcc560d4d3510096a1006265988ef148707c540e64599442be89a09755a48c9b12269c57ae5a78587bff0758bd5351ed05543d6286718712037e57ecd6b96797cea8eb884a66ffb82d8c2bf0d51a9626a82fd1dd1cb4ef478d9e61e8190db3ee96ba3065a9534692c00b2e72275e0dcc7e54e42540b556ce498916951ced302b0584c3fcb04464f1496290cfaa04b53a4b838fd8d3af74ac1b67b883e526d8140a31f8f7e40be79b8faae570433f778e8f36a6587080a7c66de9f40f105190b77455e3b3d3a72d98f2bc46ef89f1e270e52551459329fcc0ce6d1d3cb87f9cb5eaa647eb194ec43f157a9e5a3d0459f2361370b8067955a064c185e9d54384414b78318caa6b58708f5adcdf8219beb6629d19e30b07f64f97df1c4aeb45c79f6945900455b101608717d5a5e128af08a9fafa721d882f4", 0x1000, 0x9}, {&(0x7f0000002340)="fbc5c0921eed8c1623ad5b205fae236a56874aef552d3d3e2357d37dda185e30a83d4afd86d59e720355d3e9e35bb0c698faec7e7763e3a5ba665ee9185648e4f3062ec37ba1353d90678e6c5688b15d2597ce05c546877d793bbf55cbd0e731ae05d53a79c9d9f361992971e3871287424a07de28f01ea9e7e9a88ed2265a1f1af9951dd471b1bf402c21f5db2ecb9b714f77ddb43f88028601194649adf17f1d960e5fdd841f9cd8d71e546ce7d7dbeef23f72380d2956d02c52bcea8fa00569622d5bce98f9387a48c358abc63e2a8715e2aaf454779a96aae4eba584916a417fffdb", 0xe4, 0x80000001}], 0x4001, &(0x7f0000002540)={[{@quota='quota'}, {@umask={'umask', 0x3d, 0x80000000}}, {@discard='discard'}, {@resize='resize'}, {@nointegrity='nointegrity'}, {@gid={'gid'}}, {@errors_remount='errors=remount-ro'}], [{@context={'context', 0x3d, 'root'}}, {@uid_gt={'uid>', r4}}, {@measure='measure'}, {@pcr={'pcr', 0x3d, 0x1f}}, {@smackfsdef={'smackfsdef', 0x3d, '/dev/dri/card#\x00'}}, {@obj_user={'obj_user', 0x3d, '\'^*bdev'}}]})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(0x0, r6)
r7 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$chown(0x4, r7, r6, 0x0)
syz_mount_image$jfs(&(0x7f00000001c0)='jfs\x00', &(0x7f0000000200)='./bus\x00', 0x6, 0x5, &(0x7f00000024c0)=[{&(0x7f0000000240)="01672d4b14911985c0147601da0a04d2da9f4cecc46a540de639fe302fef9932e174e04983e4b7f086d0a62d8aa3f90529eb4c63f1dda7b2dc3f91a2248d28f5c179bea4cf81151b616caf89a7d802a16fbb2deabcc3bd762140233265", 0x5d, 0xffffffffffff4e72}, {&(0x7f00000002c0)="470c79323ffd533d73f6a28777e8a31f7f7361aa5ff0df8df5e212bf1f07f05e9b78ccae51d1a8e2ef22f82a2790b73e4cf0d038f8c16ef0ac66435aae5bbe81f4989a2b4eacd50af5177bcf1458f526eb593274d227b8f2e086659892531a2809f24a99790669b99f0a50d06202d585ebc4d1652dda806f0414028a236bc8859cba7c7185a1907732efa65904b6a02a73d8e28f74bdb3065acb19751bac1327d3ecebc434dc9753bd49b36aa1e41728c3309f8b322ad3fd8ce0c9b6b2e4be3bad3bcbf3dab2a3566bc74b45f3773e9f1cc55edcc69e8f52158687cf30e3ced3ad0c277bcda3433e0b03a8252af5b95fdc3a6529b9e9b6ca6847890043c0883d2fc138deea0c08ec35837eb9692917c39ce86c4935e4887abca771688399714c7a1faac063ac0c2fb93b76e8c38b339a89301e9e35bb7791e8490dda3a0f0e79c5154326d0b1da8ac3f9a860b0297173f8e1552e0bfaf8ef5475dd0a41685df2520835209e48ef3231a2c059e1e2a0ce36ae3a837044bf231e0e23519f71c56c8e79b6aa5309fae12a35eb2da6ba856c14e6c3c6125b377dc7590c1b7412a74687639128bc205e69c892231061328b7e16112b987e47b69287d35ca0da308f1300bfd613d390aefb4fd530c9cc93474174e9787b41aba3f4e266d860edb6d9b1b4edd3a2f82f495d8478e7a3f0d05b2d14c71a17dd2aa4ab6c57173a3eafb6ced5dd146f2d8cc45617540cf35451a6c13c5ff127781dee7dcc7e0763705ab0e86ac97210423b0e74c61f984e0f3575b1de1d4437e8586d85ed5d0af7fddfec9f4913d7f7a0d72b33bfd305d097b1304f9df77b44a91d3056df8b056b7b3777b9807213942b5e386be6f6fd54f2e487dc66b4b294107dd5e4154461e060d1413c46035d8b541827ae4517394ae256af125c5fb2ae6cc2faa7486d909988643c7a04af111272e7662d95432820746938939fb9d8644f75133eef2e2bb6637b5b947061aaa49fe800569cd8a3bea2afb67bd8d22404ed5300b310515f54359519e3fcf15bfd1cd223d5e389bfdc168ee04d89967d475fab35a4289ded024f04f72f19008b4ef4747e61f41fc2b81f55d77aff7568469a01895037e10bbfd7138c53fd0753ccda1b73594417c3fadaaef9ccaec8a639aed28d23fb4eefc931dd0923bd069912da2b977989968234edb73ec9d9ae3c90e057a1937b48d4499120ee6010d5d66651b10965da5e446f9592fb13a2ecbb4978b4d9f513575f80ed643102fc107416401dad8f208c2c256b936bca6c65a19247ccaa0ff753f2735af1d075279f85825f474cbda0f1cd41c3fad8345b5add1d0c6ad7bba3724e6a88d15c8a9bd5da76ad3ea845e0af870d99044a9243abe41ae95e0c1f64c0294230681b45f58e7d780de8352ae8fc7f050fbb012ecac0b76e585450eb2ef0a434eebed468b11bbe3a68bd14fe374cad4e35db820e4045980a96ab06063550c09ce9ae68d839d6883cd748fdd92567abd8521e55013d758295777d1055bf1c78b1b0b45fadba816a9e68f82f119be3f1e0998d0b1eead81d763d7fd604d0a0d1c1e4a48614a6ee1e6a1ca5adb9e8873b299a37e22ac001fc4e833f2fd6e4e1c1b4c9457a65dd14fcfe8587299f15aca56eb663160f2040485d6eaea39aec2a842a045832b5de445c416972ff69e2fd248a248a406d6da2e42ea0909e2c48a55c49793bb458a66fee097c45d6bdb1a0c6414f10aec33f4e69ebf48223bd894290e8dfda419095a0363832100d51379d0a0c98df7a78a4a73ce93a078f7d987996086a4c3506dddcd22a56bf82e52e5710189d27527422897f0eaf7bfb042d630211ca906ff36feae938f29701a3ded80f624b9f2a40aa5edb758fd7fb0e2b85bce06d6c0251f398729f689b52f4df7ff98e3f9101e84437c9ca499e9c58ae89e541e491bd251e752712eabbe1ca239259f016bb1e85890f35b86ca6f5e49af346123c278bdf3214ced66af69973eda7db9b62c212292e834eabd012aa25ee0576d74cbf86d315b953228806282c316f5f72e243210c631ad53d980b067ab1b746b5aa13eb5142430935e0aaf6788a8d14f2dc744f564562b867bd553ae9141021b4a58012abd4b464aa09a1124449b667fb7b4ba4aef536337e04dc1f05a5291164fe6854a2172a299c3187c52f6e65ba590342809160bbf9df942d7a25587cc299eafab1ed49fd002c4d57c1dcb4b5709b151422b39e5304d297feb66663081a40cb67e41fce27d7e85dc402e40aaa8bcc9b6f9acd12ab07caf4b88681e483b3e74d14fab303037131885e9cd4a45cd81a1c66a0fd6ab77fbdbdf1c1161be32f429f7f94585c114b0c00697f1b4c45cb99319129c854b4aa46547a4c599065598c4fc170ccaa9822b7a3ff244608e0e5106558de70ab332f90a15f0af8cd023144166857c8fa8185f2e246c5ee02ede0e1ed8c3eab533f928c750f80da594c41dd3856da2c6b41603eeee7f55095ba7fd717bb8f33eb1c11d359ac3cff6fcee16c54ae0082f352789df104460202cab336ef3ed6c245fb59ca2dcfb40ed4cbaf3395b79a27004fc476246beb2cc51ebd11a999bef13bb3e8f5af71154a1e449d4f7557a5b753d58c37e3a450ee046e15b31f45df88c60b1112f0ec419a5da0b3f518d17577a9e4d55d8a769eb5d9f49c510e9f881c3d821120ad8463c937a76da2ab8c5910e754ef7255bf95a0ee2b467ae1c9c03eb73787dae3fc77aaa00926380533e31c61c65412e1a66e2bd989f4991e51aab40374636c554058d2cfed21caa1227dfce6d3451a4b822a2e8b26f247ff35eee0d72f39f198d82a5fe148001c08786c70bf2116fc830f836e8235e8a4a04a8008b0b9ec3050990ce3550c92cb969e8fa4ec3e3f9ad981d96d6ece40c3af76ba639dc88f11a9f87ef8b9497f5e4ada9018054e313a7423473f9be9bd8ba8e40edf89b9b782cb5f55003de6d36391bc4492a5a05ef196c1b55f008640189a1a059bee8753911403a9f61715d3131c74e7f6b3f0a8429ab51caf0017fab6379962d633a3c36a8b059cf6329b8e874cc08dd2193daf5f786e60177fa74283b7cd3ff764ec2786710c25f9a8096b11e2c5e98f668f1fe59fe6e181552bd5c2a79f01f5c7689149cb672752af8d7142ad1804adb774a6ebcaf214fd2ea7083e304220e8b36591020c0d984611ba6891c7948e4af2223b3a5a18f376a5ade131ae3141c02469676a76d06814d4dbc1376611162aa1d270903074df14c43b1cf824750f3ad81bcee0f9e47aa66fa012562c063eb4e523bb72576ee681e5992a6dea8886e35898dba74af5fda18cddc7f5e282117921eaf7a569c0afebbbbcbeeb1f20f030aeb673b79ed3c0242de1f294c69b9df9ee672445955b05acc0cb4cc252f2362cf20cbbd5114fc3f17baf4b8f6ed2c06225f719e8d576326115f0ac38210ab2c98502325ed08eb97f5c1cf7b8da5d8593ccf0240a2bc1fa2967bebc8b56c14eb09a77a110d1e1803e220820ee931d17aada9cc61cc06a1d00474cde80e136344130c99553702ebc4ca49c4ab4ca8a53083da3d8e6c1a1ad877157354a5b87d245817afd1f37d2c2937fcbe6e665914da386797c4811e5fc429ec974e08910c61a9f043fc6d08947af02e505be1ba171f50e1d361a63231205cd62e8128c1ae716e41f15544a81cec8c9e5b633e657f846046e945eb7cd637fd674816740628ac1330e1a483f75a405f74d885589afc5dc6fed504c3877402ff36da5a10b81ff3bc27d78cd3d1453bff64029969de20b3c7b244630f9598e5fda383af3747cb14a1bdc7ae5482b766f48e8543df5659d5769e3f3c92086edba069c3492d3e0f9741a2081390dd5b8113f3ad1d9003eb801a143b93cc6ee9180561dbf5887f5f34a4e9d0751215c604f9bd5d42b416f084e7fdf290ec2d0453bf3e71f02810982b7f5642a49f2e79a5690dd69170f441738d5a15f9d05185417bf558d8e866686150c18c247b03937abcf0f0b21f88ebd7d8f45f00ab8e58676560b2336003b8a255a9f204227fc6923c036f3afa61a65da391f5a706c3df87376ab17646427171db06cd90b2e20e1375b98ace778568d2c94a49e4bbc1e8968401346acca98ea9df83ece4a30b31db0cf06c4d2a84a35e45f7df0d03c2495385921ad141e23c663d556cb9025f6fb1b3ca12e1c7585f6d3341382e3a6f717312c06d4745de5954b0ddc9b919de0aa1a9cf831fb2d71d9e7db3e651794138278dd8cfc23cc366baa0e5c19cb8b8adf0c30a2ad2d2a485719426786ddc753bd763f480df536f3388e50b23ef99c7c50a157eba0f95f079c4fa8196f550bec1101144d69bfd95ef4b2b076b1317e86577620df4320ab9d1160b2d23482b2cd3a7ff8ae90ed582dd0ee472599603874312a12a1bfeec15343c7c83285e2e3d584db7bf6804f377960e754373f91422fd1783f5c927df5b2cb9e962cb5eaf12a627f00cf7835f83e712c31d36a6ed404cd8c4e46d1614e3b8df8ba2e58326d43b8eb12b71950ed8f601a0474d23a510aec5f1e0f54936b1769cad26ab4825e8976d18fbe096e7f004629e14f5bc1594afd0e7fb55b5d2323c105395e29d409de0f9e87419a3c7c2dac9b65540ca32be7d378b806239a06d873e6cf558c12251ae9b9456b9521aadc9373f5bc4dce083ec3065f9385035ad34ba272447c5e7f8936563e8c7e73da597cb66f2a527d2ac3fe503ce62769fe916095f56ab2771f0f07ad94df38cb169fe85ffeb92455de131cd554ccd9d25c617b4fcd70335b317daf251131a341f7430b382cf37c77c97e2c14b9e40e8f934eb23588b3d445aa964690cecdeb18e47cc7d7b65974652329d6318f0cf171c3b5bc007121dd22535a7a2497727cd29dd961e897da70802fd76679210667c06a526a9a3a5ee43e784a7d620a3674b8bb82341a37ac75e3a240c1d26a3ba682c50c2ddbcd7f9b17e0e3b33d22c66225f60dc0b94307a85a87268edfa44b134287b2120b19552448c7c0202c99661a41becc3c483c9ae6b2092035265b73870ba6a0afc78678a0f3c61f70ef0d3308e2e8f01e597e0dd6193f2aa4d24e7088ace4b34058f5d541e790ac3cdbdc380af39f693c6ef20e353e01fe1b374f410d62146db82ac78596eca99c895c1e62c10fc595efcc010c6ad0d7811f0610b12b03489493b4529c488764da7f406222a4e7ee880062ac3ae453cc010d667012ee96b6f5dc7aaaeadc26325da8cee020f9499e94a404250a82159684858cc556603d26e1a12a1b1cbd5455b3b3e26fa1559e39ca39bed279f0266d49c2bcbf9cb3696b8621cb46ec96670d05bfc1a1e3719ec136385eae37ed701bad6f0283f428b06184057be89b3a169d4012a197bd9b00d2e8cc1680eb907652b41f3e3cedfa855928970eb2f11d443b80f2c4e464e2060cedc99017e23afa3ec32eefa569912b06aaf558b7a8e2dff74ec82c13e9ad05d9914fa5ac01796dce6425f4e2ffd310cc13500bc37f205a58ebb860a2e562b73ea7e1aee714539e2a6ca3e9f0a3651ce3113762107e6aea5a0ed85e938e25055dc54a03dea519734a632bbc27898ba3784e1ef5cd5eb20462d3afa145a8dd04369e55db33ce40bb394f33fd9bbaf256ab1ae372755966b49346a996be69975881321acd1d979486d281c86dc77d31e9ecec00c271a6bf9abdb4d99189aab597e6335ed724bb51ba90e3374fcd935534537e37a9808c5a41ca96d2077500c6c58ac26c9c56581b69ee04b933a8fe7d06533c8206", 0x1000, 0xffff}, {&(0x7f00000012c0)="b0a6b5088d42ceba28d4c084fc525cff8ae7a71339c89710b3fa1addf20150b6078f8738c664386060026906862e6c77272b34b7eb9d68fbd14a402eef90be5bfc4191dd085c8ca6a9312a7b8d1113d42af00857ee6f6827880819be9a5cb01cf8864e0d016ab670e797a915fee027ce1b3a0ab9", 0x74, 0x7}, {&(0x7f0000001340)="20873f08f5317d2b0db4bc1004039cb4027e0bfee2530bf172eec91d60c9bbea58c3ac51605dcab8eb9ae7e57ee02a3e35b34dba48e96de0ec14e66c69651ff96152c22b8f6c651f72ed4facfd56fa8b9bca1b49a377416c8dc2ad08c201e2841738b2176fc7ddf4c9f8835db303a1f1c65023985dd63eeda62bec87b813ac711da2e729d4fd9db7d18dfa5480658b9751838dd6c7281a123b295889bb518fe1c644bef4407028a8de4b9777cefe2316c84df48444deb8f00b3d414cd49a77a0a91827c52a1328fe1c84021d538b479df44d2dcdac55829ab974170f7dc3ee6daa6d51f678b631fcf6217f864a618246ddec8a0119ae238cf8035a225e52c68ff8dd2bf4107b20149b0843c942518d5b0e457b2208c842493f5dc08090255ef4a0bbdfaee4450a4999539db032b468e556fbac9cf5c57aadc923fcf863e9ca854c0e11e0496eefcaa53718c41283d96a5d8c0ee9b51b0fdd6d90e21c0ab05a5c5e4b6c61f2807c770ae29ee0d703bc1cd44b354dd1611d880fac6af8b71ab7353770e7e102f52ebf1fc1f80a1f4c997ef3e60faea705e789a3d14f6cfb3f00484c2b1416807cbf00459a017d440c0b20c5fd938c8796a57c2616f51803283feeac9a546a850ba442b378d997a4f00465a4624bcfc4a81a7c3a9f8b77827d93086d0b78a27e530a8a28fb43d1375284726afcca51815f5e4536beb88f39447b6038de3d4109a8365c525c3cba8261bbcc16274aa21b3cb0d8ff38703e9a8c92bb4a9f04d71e4a591f519bea662ac14fd982b2ceb4d9d44e623808bcc4383acd2780b3abc9957b1487af33da6ddffb93df832c35e0fc8478a868c277f0e59e2ef9f19c95031a33461c922aa1e71fa7655ddb694a4fb4fd72ee66d3fffeaa92ed14df809d95ab9b190923f692e8d8e258ede8842a2fcb6fd51ad4052d626f3f46fbd0b5119e1b0c255976f27d4dc3f5cb9c136775b88ec1e84cc3f2a2c37e2691235878140353648a6e74aa73a91ba519063ecf33b240c3f84b6da00092aa516221078b8c1fcd615feb0935f30bdd0d15e58cfae13fca996546b48084fe23c7334ab729f00ac2a9083c90ce36878d5d5a43ad2d63821fc199429994a81054f90164e43ded75b6443acc5d0156c3cae2298609786db02ca1e5139469aa6829182ff946d4a8476a0ad14483b78f0625bb80ab130bb5c578b9070c8a095639bfa58b8cbdaf20455c1d9813b1ab8cb94273fa3c3e6dbe9dcb5d7c857a52aa310c7d9c0518bb182e94be470b41038431b2137844108c1d925b2548e32c20eef5d1a367a4fbfa65749ebb3a7b52ecca40e648a9a388df9fc6b92aea92ea590e87fd1d5229e780c867380a39f32f61d37ac73b43656f8ec5e56471ed991bdea22bc3d2da517625b135a76e83170c66aa20df44d05507163a3325b4eb03bc59a1ef4bdd566111a01162bc8a99aae0b5fdc90b2fe7f9474ab578a068262e5385e63ab0cd4b07de0197e88ec3044dba732b4d01585fa6c7300db11dd1c0746be879d8415eeb9792811aeb04372b0d0ed83ae2baae8b99f6102629a6c94f07033c47c94ba01bb989514cbe6eae155a68c6c3d89a7a72a1b307513c810cf5974c21ea2746d52e44dc4244dde7257cce2164b8d4f35b561eb7e770f103e2207f14fdc8bd6c803af9f7bc56b30d70acf716068dcef16583ebd030da62f81664a23ec9ddafdf14429a401de2baf900477cbc8c412e2f637b2e9331cf7c64abf89fc72e607d0db44f23e60c2471817e7a1090adc77b0d1bbfc3d6a1557ca57d89581d3ac91a5f2540a10b19b5553f4a0e62f539a764e416796ac98658a023a5d65d9d83797cf09d5240715c4e09dc2bd79bd8c62e01dfcad389d611b3d7ac860e72edba05d69e647a66325350db127dbccaaa5ff456e55643779273c1e584697de08d93d75eaaeef842c2e61be8d3ae05e0d539c3d426a6e4c8e6ecd46c7f08f0afee11d717d29cdf56dfa07d0880bbd85299a2e5b40a705c38bd4af3717ecd381137cbcce2ec22559cf3602edafcd426a436a304ed78ec2b4e04ac81ce6c157c37006d3f4c737df1409af175377f902a154eca832022d9518008ffbbad177685c1cf66be4dabcc6893eaab5f633babb73aa34c60139085f860af039f8096c961a7307fa3991f74bfbabd3c15f337dff8db45e77aaf6308c8c880aae06e8029ddf8bb04c1a482374060ea91ed91aa5d9806be70fd40b73302c1cf3742b27acac4f27a7bf2f2d4ba1b49af87465b462f9e1ad898dae51b6eb9827d6c877590fd8078234b4e3f333cb85418a3d57d6f1e145e958b5ce38d92e7408d785ebc50fadd5866bc7373a271aec2ca7dd5622f8455aa221a5ed9703143a687ed529ad94130443a127a2712f507eebad835f7a8aada47e972ae869078bc4bad198ad4a34cdc29e07d6c508e94a5b49f516bf07d8270e5fec345dac6e61ea548ec2df6437428763738f2c9f6511e2ec24cdca3d39445a626883bb1a901eb207a5a9d62455c2acc386c09cc93cb7ff01c06b6adf043c178aebd4d95fea26090ea989e0d0a9b8136a5229759c4a5a309e66264d96fc7a69985fd32f007fd65d491b90e513da3fd5f351fee0bf40756e9cef3a8c331f5da55a041f7ff0d947ef1ea0504ebd8d087bc54a2b2390a5b10c49c32c1c7c09e5f76b1cab03356aca681da7144f922467bb1e20f074c80e0d2589cdb813be72795b61f95be533d75fb84d37e5581e83ef6436528f1fd3deb9875fad7c86517960bdaa32f69607e556c9a617bbdba61268a68dac1d1587489ba7f32c9015d83a92cb263a35292f6725c8ca173bdebf96d315ff7d6db1877a53cfd46c5f5aeb21cc7c1191decfc39528adb78b6be5b700ba57d72f26a28d4ff9ede80a83499376c00616f3d5a82b9bf19839d9ed423c26d7bc2e5ee09c112f0e3fa8260d01d9d34b1cf012843ba321525ab08a1107b50f4897600434adebc70914f7ff11c49fcf5dea1ac95327f90ed6706ec6d743f8d939c0bd443da1674cd4e3c2d00f83ccbd0accca4cf521542d324906e7ca141f19d971b7b736f336a960d9013c703ef56ba4c3a22e050bf8083a1a290de8efc06ac1a0f321287920d59bfaa0c1ad99cb08759cedb400d0c6cf76e16e1814d5862980e2f26f16e9c9c36aa843e37f82dd8768520f437a45eea5cca47f8918552586002936fd717f404a435270a76d6ed6f4f18537956af4c4aba4cc4ea9860ceefe26002d49444fef1414044b3adad66054a528fef2078fba0914a4cf70a7dd8e51496e1dfdb8de9165f74b9d5088f52a5335279862bc8d0a730952be6af571392c6aae808f3f2390c5044e8f8e444e30f959baffe3cf5f4e0a7900ba91d5362a527c1160db562c64a0fde830ca31b64824e0c4ac822d8d9b9d45e39d4cc0d02d74c0751ef3b2816bae5dd0af3d356100997371d18ae647730d06a9f4a21194093541a815a11eb45c6d66c709638a1bff1e002ba51291295268b4aaaaf1105b16d3843ae718e7a18687cbb0a49a3480df7c20ec0fad725c54942b885f582301b7354286730fc84243ebdb566237acd6d7aee1722282d2b546a002908a560f7be2c65927e7b6a53ed37e230469bb3fd7764fbbd04313df4c2545edba2bf71680f8d90b32d50c079ed855b107d15f968008212c7f984316e835c73eb152d93f388bfd692494f61434076e42edbf1db5d09305988c405f4f02b8c962cbc9eb640b5efb5120ea16964c9f37f8611b4deb68bcea588305367381c8664937b22e1c7ddd2fd10f238d2e3ebc99ccfe09aa5e9ab37881c097a33f65a2ce090e5ab034ea605930e3860638c21e7c220ea90676a163671f5c6178c907c322ddc58de0a772f538eecd6fd2c40866375c778aaa84dd0821905e77dc4a4bcec8c0d2a86eae539ab8fde8933690a905c56d3cb4df87187d6c08e4a4780bb04a7e05f4545b176d31a94fe4935afbf38ad29aa36227efca84685346ebe8977c0e4a5f912c8e80b600f732ae3f6a0da90f8ffe219d9b89e408512b1a764f41f64494fa3080f9b4cc16185a536d19c267328919af58c038162d7d82a0ba0ffae8efbc2a8197451aa4dec915b5c5849f3e16dccdbe06a4c1d46004245022f1a65055b3ecb7d1c32b79c9f6486680ce1514e7cfa1d6983b1336d112477971d01a28a1c5ec8b590f1b97b71e27125fc6c6d03ab71c888caf0e75e3ba1420c7455576cc878ceca07e4c9103df788027c7a53db8c10b1e8fcf96ffa7d5fd8b4f8d605f95bc1af9c44b7ab251d896bf423a5da5ea2c99700fddcfbeed1e3acf73797e13b60c6f61eec663904dbf042e85b32c581da1351f67ee77167b41c4e4f734745e6c4f8d35a48282f69e08a34a5fd39a1e03d9fb042b510f603231e3324ba1b6523d3b185d89c0ad31194ad7ae1a4e8195d22feb6c682dc09c6af78a8cd63fcf09073519a3f5683c2adc76a56a676f4ece5712b0843cc72c90f49aa958d9a4c0c483f486f9b51d25caad6b36f95c3a808ea616bbbe17785333aae665e0b9a7b64adc167104afc7739f344a36ec6f96142196f4a3ab991edfbe9d4f9a67619ec98f99ad82d673f0aa5d6144eafe476d91f4aec4f8a82a9be6f97b6c628dc6ab497d93f1f8cd3c9c3d741f78e511187dcc1ce962aa249422e62e2ae3a92e5281a00073f33ae42044c820081df1b0c5ac4b8c8fd81b18685577d7076d0b75975ecaff8afb66c2f00f516c4f6a0f34c7bb3cea85c8c717d0395f9b183e572b269a1f58d6c4aca362c9b4aa19201a8678ec5abc17aa77cd2d10d92a9d223f8c1615fedc03e8144fc78f9b0235badc2dd7d23359eb91e88bcbe522b0833fbd8152feeb4d08b6a3dd02cd8d3d982748e8b2d75dd044822624953ef13e1bd875bd48ae20d513a0474cb7dc34695bf549c2fa7c0ee8d3e5c5d9c4d7dd911cb6eae0ec6a7ef3ddb1763af0b3b3be87a3056fec00dce05c675b897b45c50a5185950deffdbdf7a89b8cda6b5605b0ffc3d2f35bdbb0313d45c891085fd31e8666e256f132a66de2c5ee0323bfba9d4c41f5f8f51951eac7907bc7833ebaabea1c4ec9062b2318141cb4bb96a4e68ba67fed334d4c9c73b08609f692970f09423ce55eb2380ac2a690b29b635afba163beed9965744009856044bc713288a1b843ff8e0ff6f000c8870c569390b126d9a140c53f427e0c7d48f78c2e3e9616440aafd3524c209fa978d79d0e5edbc0c9367a1d64fd0cef2703bacf3e122dbf6f7b69849a69399b1b6cdfafe542701a88f3769ffbda3402f50f0caf7a7868af50e6722002b985161dfd89cb3200f2aa17b22152503b28c6068e45b3021d44b84920fbef14bcc560d4d3510096a1006265988ef148707c540e64599442be89a09755a48c9b12269c57ae5a78587bff0758bd5351ed05543d6286718712037e57ecd6b96797cea8eb884a66ffb82d8c2bf0d51a9626a82fd1dd1cb4ef478d9e61e8190db3ee96ba3065a9534692c00b2e72275e0dcc7e54e42540b556ce498916951ced302b0584c3fcb04464f1496290cfaa04b53a4b838fd8d3af74ac1b67b883e526d8140a31f8f7e40be79b8faae570433f778e8f36a6587080a7c66de9f40f105190b77455e3b3d3a72d98f2bc46ef89f1e270e52551459329fcc0ce6d1d3cb87f9cb5eaa647eb194ec43f157a9e5a3d0459f2361370b8067955a064c185e9d54384414b78318caa6b58708f5adcdf8219beb6629d19e30b07f64f97df1c4aeb45c79f6945900455b101608717d5a5e128af08a9fafa721d882f4", 0x1000, 0x9}, {&(0x7f0000002340)="fbc5c0921eed8c1623ad5b205fae236a56874aef552d3d3e2357d37dda185e30a83d4afd86d59e720355d3e9e35bb0c698faec7e7763e3a5ba665ee9185648e4f3062ec37ba1353d90678e6c5688b15d2597ce05c546877d793bbf55cbd0e731ae05d53a79c9d9f361992971e3871287424a07de28f01ea9e7e9a88ed2265a1f1af9951dd471b1bf402c21f5db2ecb9b714f77ddb43f88028601194649adf17f1d960e5fdd841f9cd8d71e546ce7d7dbeef23f72380d2956d02c52bcea8fa00569622d5bce98f9387a48c358abc63e2a8715e2aaf454779a96aae4eba584916a417fffdb", 0xe4, 0x80000001}], 0x4001, &(0x7f0000002740)={[{@quota='quota'}, {@umask={'umask', 0x3d, 0x80000000}}, {@discard='discard'}, {@resize='resize'}, {@nointegrity='nointegrity'}, {@gid={'gid'}}, {@umask={'umask', 0x3d, 0x401}}], [{@context={'context', 0x3d, 'root'}}, {@fsmagic={'fsmagic', 0x3d, 0x4}}, {@measure='measure'}, {@pcr={'pcr', 0x3d, 0x1f}}, {@smackfsdef={'smackfsdef', 0x3d, '/dev/dri/card#\x00'}}, {@obj_user={'obj_user', 0x3d, '\'^*bdev'}}]})
mount$9p_tcp(&(0x7f0000000000)='127.0.0.1\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x129f461, &(0x7f00000001c0)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@debug={'debug', 0x3d, 0x2}}, {@fscache='fscache'}, {@cache_mmap='cache=mmap'}, {@msize={'msize', 0x3d, 0x4}}], [{@uid_eq={'uid', 0x3d, r4}}, {@fsuuid={'fsuuid', 0x3d, {[0x0, 0x63, 0x57, 0x34, 0x35, 0x55, 0x35, 0x39], 0x2d, [0x32, 0x35, 0x63, 0x66], 0x2d, [0x63, 0x35, 0x37, 0x37], 0x2d, [0x64, 0x66, 0x36, 0x61], 0x2d, [0x64, 0x38, 0x61, 0x32, 0x66, 0x38, 0x37, 0x63]}}}, {@subj_type={'subj_type', 0x3d, 'ppp1#cgroup\''}}, {@fowner_eq={'fowner', 0x3d, r6}}]}})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r8, 0x0, 0x400)

[ 2686.059183] Process accounting resumed
[ 2686.181974] audit: type=1800 audit(1588638888.054:288): pid=26942 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16531 res=0
[ 2686.220455] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 2686.243203] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2686.256412] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2686.289028] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2686.318926] Process accounting resumed
[ 2686.360412] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2686.392891] Process accounting resumed
00:34:50 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xab, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:34:50 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff00a)

00:34:50 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='batadv0\x00', 0x10)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10)
splice(r3, 0x0, r4, 0x0, 0x1ffeb, 0x0)
r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r6, 0x0, 0x400)

[ 2688.597868] audit: type=1804 audit(1588638890.464:289): pid=26962 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1384/bus" dev="sda1" ino=16432 res=1
00:34:50 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0xf)

00:34:50 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c370400000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2688.707521] audit: type=1800 audit(1588638890.574:290): pid=26971 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16645 res=0
[ 2688.734434] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
00:34:50 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0)
ftruncate(r0, 0x88001)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7)
r1 = socket(0x11, 0x3, 0x0)
setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4)
bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffffffff00b)

[ 2688.764667] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 2688.805359] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 2688.813532] Process accounting resumed
[ 2688.833630] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[ 2688.868067] audit: type=1804 audit(1588638890.734:291): pid=26981 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir187076671/syzkaller.vDXwRA/1385/bus" dev="sda1" ino=16432 res=1
[ 2688.877243] Process accounting resumed
00:34:50 executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x1070c0, 0x0)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="600084e002000a0000000001000000c98f13", 0x12, 0x400}, {&(0x7f0000000880)="ee9f84a43eccaf1315bb397d00c1b6dd820dd13916181dba620938cb30f1c21afe3d926298b25834e890092d642cafe5db21ba9494fcbcf66079b722e73be3a8708a3624250f9f59fbbe942997c6c1e83a34e5779e8a4f40fdb6ffe59ffe4903500d3cd8c8f3ed19ad176daf94cf7fcaf2922f8aab3becc60c8d39ddf43cd6d2e9301da3caa35719f25a83478559e0e891dcb756ee22964d03f37561f5797490a0b93506482822075ba96db35a440d046e44eb4a79986b518281609003b6fae04a18be9a83ce7efa2ab80f75c90d78f0b4179d674376db1f7ae8745641adcde0d245722744bcea2fac9445014ee2293985119573ffcc0c22eb0769de1e9e5db53aa3378a4426503010a7c6247265838211527a0132ccf883ee08a6ea1a785e47ce16663f1c744af49200d5f3bc326e7d9089a5f17d0ad05f06e48c205f9b6d087ba7d3b6745e65700c009572a65b4bfbf6687821bc723b61b5abe7357e68a9b0640bfb9c01000080000000000e840ecf379c576c05757d44b19de0e2aa364c42156219a72cc943a60f0410891ed134f35f5fe6b4cf3abbcb984436322358a7c9393724860d87253981f9e79dbeb789577ead0ede31e19a2b114a0e4d82b3e1023dd28b6382e67e3246d2912e55cf9928da32c1027cef7c6c610ea8fce149a7af20224b4e028601936ef9a78d80ff5567084ec128766e822d6124186d82e760128dd7de2653939d353c12f96deff3a28b022c784bd37df7f76640bcbcb01a4676d58b3e9c2baae66230e5f54a37527e8129d161b0c06f25648c55a7e5b2db528053c3e3864f41728b7935e575568ad114eb8c811bd89e07a398babbc64fbeab842688554783ed1551949a791e33799e59a34b6bdabc3458c379c735198292e5a272187449249d2c8a9aa58f3835a3e1716083bb04e4cbe140d1587a21e4ec2ae1f3ad81134df55903ffb8e173646352915a2c706709cf46538978224c0d6dc437cbfc37abfbd1b76feb5ca3aeb1ac8cbd40d5ba896f79ee8f76b0809f59b86862648774d2ace98b825e7a465b5dd80e491965971e7797aba3968441c77717a24ca41efb160c030cfc8e73872540ef4e5aecb0de86dd2a75bee61a9303a332233ff5a259b078a6", 0x326, 0x34f9}], 0x0, 0x0)
acct(&(0x7f0000000480)='./file0\x00')
umount2(&(0x7f0000000500)='./file0\x00', 0x10)

[ 2688.917774] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2688.990282] ==================================================================
[ 2688.998241] BUG: KASAN: use-after-free in get_block+0x11e1/0x1300
[ 2689.004522] Write of size 2 at addr ffff88821293b7b8 by task syz-executor.1/6587
[ 2689.012066] 
[ 2689.013714] CPU: 0 PID: 6587 Comm: syz-executor.1 Not tainted 4.19.120-syzkaller #0
[ 2689.021520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2689.030912] Call Trace:
[ 2689.033551]  dump_stack+0x188/0x20d
00:34:50 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cgroup.controllers\x00', 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000017c0)={r3, 0xc0, &(0x7f0000001700)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0)=0x5}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0xffffffffffffffff, r2, 0x0, 0x9, &(0x7f0000000300)='selinux:\x00', r4}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r0, r1, 0x0, 0x1, &(0x7f0000000000)='\x00', r4}, 0x30)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f000099e000)={0x2, 0x4e20, @multicast1}, 0x10)
wait4(0x0, 0x0, 0x1, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000001c0)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xe7, &(0x7f0000000480)="f71559c80aa4cefd3b79e76a039acbd61caef13fff703cc78e402a21c67dbe3ec9ee6c2a3b818b0000000009eb2b5c9a61000039dfad3ec35ca3dfaa6d0e35475ace78a33eb2b7fcfdd45d247a877bbcdd0307b91e8e05257ee498343d11310dda51e11dc0d92d614498a96fd09b90c0b306ef4fcd32316c48f327739494cfd766e8741d9783e4dc2a1cccb48f7d11a12e7714d3b2ab3f7e145069c031dff4e03cebb733218d3f00c1505b36dae61f9430afbad35132ad1172403fa3de92466d47fa032032453d60b2a1c1080000000000000095c32dd6fb7092e7a73ceffe3f8c450343d34abd"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[ 2689.037212]  ? get_block+0x11e1/0x1300
[ 2689.045040]  print_address_description.cold+0x7c/0x212
[ 2689.050344]  ? get_block+0x11e1/0x1300
[ 2689.054253]  kasan_report.cold+0x88/0x2b9
[ 2689.058431]  get_block+0x11e1/0x1300
[ 2689.062174]  ? block_to_path.isra.0+0x300/0x300
[ 2689.066876]  ? lock_downgrade+0x740/0x740
[ 2689.071046]  minix_get_block+0xe5/0x110
[ 2689.075043]  __block_write_begin_int+0x480/0x17a0
[ 2689.079925]  ? minix_rename+0x8c0/0x8c0
[ 2689.083927]  ? __breadahead_gfp+0xf0/0xf0
[ 2689.088095]  ? pagecache_get_page+0x1b3/0xb20
00:34:50 executing program 4:
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8003ef3", @ANYRES16, @ANYBLOB="00042dbd7000fddbdf251a0000001c00228008000700020000000800010009000000080002000300000005009200010000001c0022800800040021c10000080003007d000000080003000800000008009a00020000004c0022800800040028000000080005000400000008000700010000000800030001000000084fcd971fdcd15cf93b0007000500000008000500b66800000800050001"], 0xa8}}, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c380400000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[ 2689.092644]  ? wait_for_stable_page+0x124/0x3b0
[ 2689.097341]  ? minix_rename+0x8c0/0x8c0
[ 2689.101330]  block_write_begin+0x58/0x2e0
[ 2689.105483]  minix_write_begin+0x35/0xe0
[ 2689.109546]  generic_perform_write+0x1f8/0x4d0
[ 2689.114224]  ? page_endio+0x950/0x950
[ 2689.118027]  ? current_time+0x140/0x140
[ 2689.122111]  ? lock_acquire+0x170/0x400
[ 2689.126189]  __generic_file_write_iter+0x24c/0x610
[ 2689.131183]  generic_file_write_iter+0x37f/0x729
[ 2689.135944]  ? mark_held_locks+0xf0/0xf0
[ 2689.140009]  __vfs_write+0x512/0x760
[ 2689.143744]  ? kernel_read+0x110/0x110
[ 2689.147664]  ? lock_acquire+0x170/0x400
[ 2689.151649]  ? do_acct_process+0xebd/0x10e0
[ 2689.156867]  __kernel_write+0x109/0x370
[ 2689.160839]  do_acct_process+0xcd8/0x10e0
[ 2689.164979]  ? acct_on+0x760/0x760
[ 2689.168510]  ? find_held_lock+0x2d/0x110
[ 2689.172656]  ? lock_downgrade+0x740/0x740
[ 2689.176808]  acct_pin_kill+0x29/0xf0
[ 2689.180536]  pin_kill+0x17a/0x7e0
[ 2689.183987]  ? lock_downgrade+0x740/0x740
[ 2689.188145]  ? pin_insert+0x50/0x50
[ 2689.191780]  ? finish_wait+0x260/0x260
[ 2689.195675]  ? mnt_pin_kill+0x6c/0x1c0
[ 2689.199570]  ? check_preemption_disabled+0x41/0x280
[ 2689.204583]  ? mnt_pin_kill+0x6c/0x1c0
[ 2689.208513]  mnt_pin_kill+0x6c/0x1c0
[ 2689.212236]  cleanup_mnt+0x116/0x150
[ 2689.215951]  task_work_run+0x13f/0x1b0
[ 2689.219869]  exit_to_usermode_loop+0x25a/0x2b0
[ 2689.224481]  do_syscall_64+0x538/0x620
[ 2689.228405]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2689.233621] RIP: 0033:0x45f257
[ 2689.236804] Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 8f be ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2689.259777] RSP: 002b:00007ffd3d5bb578 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 2689.267493] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000045f257
[ 2689.274767] RDX: 0000000000402ff8 RSI: 0000000000000002 RDI: 00007ffd3d5bb620
[ 2689.282063] RBP: 0000000000000f65 R08: 0000000000000000 R09: 000000000000000c
[ 2689.289341] R10: 0000000000000005 R11: 0000000000000246 R12: 00007ffd3d5bc6b0
[ 2689.296627] R13: 0000000001779940 R14: 0000000000000000 R15: 00007ffd3d5bc6b0
[ 2689.303946] 
[ 2689.305623] The buggy address belongs to the page:
[ 2689.310686] page:ffffea00084a4ec0 count:0 mapcount:0 mapping:0000000000000000 index:0x1
[ 2689.318822] flags: 0x57ffe0000000000()
[ 2689.322713] raw: 057ffe0000000000 ffffea00084cf348 ffffea00084a4fc8 0000000000000000
[ 2689.330603] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 2689.338501] page dumped because: kasan: bad access detected
[ 2689.344292] 
[ 2689.345931] Memory state around the buggy address:
[ 2689.350866]  ffff88821293b680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2689.358230]  ffff88821293b700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2689.365584] >ffff88821293b780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2689.372945]                                         ^
[ 2689.378126]  ffff88821293b800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2689.385478]  ffff88821293b880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2689.392833] ==================================================================
[ 2689.400181] Disabling lock debugging due to kernel taint
[ 2689.407814] Kernel panic - not syncing: panic_on_warn set ...
[ 2689.407814] 
[ 2689.415209] CPU: 0 PID: 6587 Comm: syz-executor.1 Tainted: G    B             4.19.120-syzkaller #0
[ 2689.424397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2689.433847] Call Trace:
[ 2689.436470]  dump_stack+0x188/0x20d
[ 2689.440138]  panic+0x26a/0x50e
00:34:51 executing program 2:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
lstat(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040))
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x400)

[ 2689.443338]  ? __warn_printk+0xf3/0xf3
[ 2689.447281]  ? preempt_schedule_common+0x4a/0xc0
[ 2689.452049]  ? get_block+0x11e1/0x1300
[ 2689.455955]  ? ___preempt_schedule+0x16/0x18
[ 2689.460373]  ? trace_hardirqs_on+0x55/0x210
[ 2689.464709]  ? get_block+0x11e1/0x1300
[ 2689.468612]  kasan_end_report+0x43/0x49
[ 2689.472598]  kasan_report.cold+0xa4/0x2b9
[ 2689.476766]  get_block+0x11e1/0x1300
[ 2689.480502]  ? block_to_path.isra.0+0x300/0x300
[ 2689.485192]  ? lock_downgrade+0x740/0x740
[ 2689.489354]  minix_get_block+0xe5/0x110
[ 2689.493339]  __block_write_begin_int+0x480/0x17a0
[ 2689.498194]  ? minix_rename+0x8c0/0x8c0
[ 2689.502965]  ? __breadahead_gfp+0xf0/0xf0
[ 2689.507125]  ? pagecache_get_page+0x1b3/0xb20
[ 2689.511635]  ? wait_for_stable_page+0x124/0x3b0
[ 2689.516314]  ? minix_rename+0x8c0/0x8c0
[ 2689.520308]  block_write_begin+0x58/0x2e0
[ 2689.524475]  minix_write_begin+0x35/0xe0
[ 2689.528557]  generic_perform_write+0x1f8/0x4d0
[ 2689.533165]  ? page_endio+0x950/0x950
[ 2689.536982]  ? current_time+0x140/0x140
[ 2689.540972]  ? lock_acquire+0x170/0x400
[ 2689.544951]  __generic_file_write_iter+0x24c/0x610
[ 2689.549894]  generic_file_write_iter+0x37f/0x729
[ 2689.554670]  ? mark_held_locks+0xf0/0xf0
[ 2689.558752]  __vfs_write+0x512/0x760
[ 2689.562469]  ? kernel_read+0x110/0x110
[ 2689.566370]  ? lock_acquire+0x170/0x400
[ 2689.570364]  ? do_acct_process+0xebd/0x10e0
[ 2689.574693]  __kernel_write+0x109/0x370
[ 2689.578761]  do_acct_process+0xcd8/0x10e0
[ 2689.582940]  ? acct_on+0x760/0x760
[ 2689.586478]  ? find_held_lock+0x2d/0x110
[ 2689.590539]  ? lock_downgrade+0x740/0x740
[ 2689.594688]  acct_pin_kill+0x29/0xf0
[ 2689.598401]  pin_kill+0x17a/0x7e0
[ 2689.601856]  ? lock_downgrade+0x740/0x740
[ 2689.606009]  ? pin_insert+0x50/0x50
[ 2689.609641]  ? finish_wait+0x260/0x260
[ 2689.613530]  ? mnt_pin_kill+0x6c/0x1c0
[ 2689.617416]  ? check_preemption_disabled+0x41/0x280
[ 2689.622444]  ? mnt_pin_kill+0x6c/0x1c0
[ 2689.626340]  mnt_pin_kill+0x6c/0x1c0
[ 2689.630052]  cleanup_mnt+0x116/0x150
[ 2689.634405]  task_work_run+0x13f/0x1b0
[ 2689.638293]  exit_to_usermode_loop+0x25a/0x2b0
[ 2689.642886]  do_syscall_64+0x538/0x620
[ 2689.646870]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2689.652070] RIP: 0033:0x45f257
[ 2689.655277] Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 8f be ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2689.674375] RSP: 002b:00007ffd3d5bb578 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 2689.682138] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000045f257
[ 2689.689420] RDX: 0000000000402ff8 RSI: 0000000000000002 RDI: 00007ffd3d5bb620
[ 2689.696693] RBP: 0000000000000f65 R08: 0000000000000000 R09: 000000000000000c
[ 2689.704485] R10: 0000000000000005 R11: 0000000000000246 R12: 00007ffd3d5bc6b0
[ 2689.712188] R13: 0000000001779940 R14: 0000000000000000 R15: 00007ffd3d5bc6b0
[ 2689.720762] Kernel Offset: disabled
[ 2689.725202] Rebooting in 86400 seconds..