0000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103ebd1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:54:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:54:52 executing program 2:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x67, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000180)='cpu\t&-6\n\x00\xff\x00\xdc.\xdf\xbbk\xad\x1b\xf3\xf6_|S\x93>\xb4\x15#b\x91\xec\xf2\x12\xbb\xd0\xcd0\xa4\xda\xa8\xe1o+\xbd}EV\xba0\xae\xee(4\xe4\x8d\x17\b\xa7\xb04G\xc28\xfb\x19\x94\xdf\x11JE\x02\x98Pm\x0f(\x98\xff\x05[\xd9\xad|\xa3\xc9Y~\xf4\xf7\xf9F\x9c\xf0\x83H\xb5\x12\xdeM\x802\x1f\xa6\x8a\x89\x1c')
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000000c0)='/dev/net/tun\x00')

09:54:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x14000000)

09:54:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  910.389351][T22470] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
09:54:52 executing program 2:
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[]}}, 0x0)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000200)='/dev/full\x00', 0x10800, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, 0xffffffffffffffff)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
mkdir(&(0x7f0000000380)='./file0\x00', 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00')
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000560007031dfffd946f610500070000006700000077000000421ba3a20400ff7e", 0x24}], 0x1}, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)

[  910.435610][T22470] FAT-fs (loop1): Filesystem has been set read-only
[  910.465738][T22470] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  910.492660][   T26] audit: type=1804 audit(1575885292.476:957): pid=22668 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/567/file0/bus" dev="loop1" ino=427 res=1
[  910.645358][T22767] devpts: called with bogus options
09:54:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x15000000)

09:54:52 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000010000)="eb3c906d6b66732e6661f8", 0xb}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNINFO(r1, 0x800442d3, &(0x7f0000000100)={0x0, 0xfff, 0x401, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1c}, 'yam0\x00'})
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x2, 0x8, 0x2}, &(0x7f0000000340)=0x5, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000340)=ANY=[], 0x0)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, &(0x7f00000006c0))
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r11, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r10, 0x2405, r11)
sendfile(r8, r11, &(0x7f0000000700)=0x100000001, 0x8080fffffffe)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r12, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x5}, 'port0\x00', 0x1, 0x50874, 0x8, 0x1, 0x6, 0x3, 0x0, 0x0, 0x1, 0x7})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
r13 = gettid()
tkill(r13, 0x1000000000016)
perf_event_open(0x0, r13, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bded740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb7b394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058204aa2695952d83c594a125149b91f5ef4021dfcdb74078930559110bd142f3c312ccecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222a90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc900000000000000"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r14 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r14, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r15 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r14, r15, 0x0, 0x8482)
getsockopt$inet_pktinfo(r15, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:54:52 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r2, 0x28, 0x2, &(0x7f0000000000)=0x401, 0x8)
r3 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0x40505331, &(0x7f0000000100)={{0x4, 0x7}, {0x8, 0x6b}, 0x1f, 0x1, 0x7e})
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:54:52 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001b00)=[{&(0x7f00000005c0)=""/2, 0x2}], 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00')
preadv(r0, &(0x7f00000017c0), 0x375, 0x0)

09:54:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  910.989886][T23092] FAT-fs (loop1): bogus number of reserved sectors
[  911.012763][T23092] FAT-fs (loop1): Can't find a valid FAT filesystem
[  911.124121][   T26] audit: type=1804 audit(1575885293.116:958): pid=23092 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/568/file0/bus" dev="sda1" ino=16662 res=1
09:54:53 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0xfffffffffffffffe)
getpeername$tipc(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140)=0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x3000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:54:53 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x16000000)

09:54:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:54:53 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x561217ef1698ea15)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:54:53 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x0, 0x0)
dup2(r0, 0xffffffffffffffff)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000300)=ANY=[@ANYBLOB="34c0f8bf4ac6c3a1acd4546853f2be2b3c80d0770000050000000000000100652b2216ca7a4be1f8906c695369438722c6de123ed208a01db3f62fbdf9342385fc844295c6bf54f6"], 0x1}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = add_key(&(0x7f0000000100)='id_resolver\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f0000000240)="be869d3e515950ac05ece27dfed8a447ef7035baf1cf824127f0d60c36644f5bcb8c90f0a4177284dfe02185d2187fb03ea7bd5ee0a994ed2d3f06688a6feff426b384d350de136f7167516b7209f02a95fd657c00cfb6cfb147b3c4e4411760c5ef18c22d8b4624f186df4251f7dc1c5336050e3f8424da3a8f82362e1507054055aee69c6b23", 0x87, 0xfffffffffffffff9)
keyctl$get_security(0x11, r2, &(0x7f00000003c0)=""/225, 0xe1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = fcntl$dupfd(r1, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0), &(0x7f0000000100), 0x390, 0xfffffffffffffffb)

[  911.254217][   T26] audit: type=1804 audit(1575885293.166:959): pid=22993 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/568/file0/bus" dev="sda1" ino=16662 res=1
[  911.473058][T23326] Option '                                                                                                                       ' to dns_resolver key: bad/missing value
09:54:53 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x3, 0x7312b9c512174aab, 0x100000, 0x2000, &(0x7f0000008000/0x2000)=nil})
ioctl$KVM_GET_FPU(0xffffffffffffffff, 0x81a0ae8c, &(0x7f0000000400))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffed, 0x0}, 0x1012d)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:54:53 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x17000000)

09:54:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:54:56 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r7, 0x6, 0x1d, &(0x7f0000000100)={0x880c, 0x0, 0x5, 0x0, 0x1}, 0x14)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:54:56 executing program 2:
creat(&(0x7f00000000c0)='./file1\x00', 0x0)
acct(&(0x7f0000000100)='./file1\x00')

09:54:56 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x18000000)

09:54:56 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:54:56 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x20, 0x18, "95f3f2e1251495bb2fe3223633dafaede782758328169a3276c3043604c5c8e78b498bad4287acfe1bb25b6f92995f3fe49a025459ce7fd72d6712dfbbeaaa14", "c875b3ef083eab02cc055c980870ce40eac1f57c81f3b2ba28e6aa96a2fab3e6", [0x200, 0x5]})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:54:56 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil})

09:54:56 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:54:56 executing program 2:
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, 0x0, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000003040)="02", 0x1}], 0x1, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/igmp6\x00')
preadv(r3, &(0x7f0000000480), 0x100000000000014a, 0xf0ffff)

[  914.437106][T23759] Process accounting resumed
09:54:56 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x19000000)

[  914.618912][   T26] audit: type=1804 audit(1575885296.606:960): pid=23876 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/569/file0/bus" dev="loop1" ino=428 res=1
[  914.636293][T23876] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
09:54:56 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0x1, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x3, 0x8, 0x40000004, 0x2, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0xfffffffffffffffe], 0x12000, 0x104180})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x2c)
r6 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)={&(0x7f00000004c0)='./bus\x00', 0x0, 0x10}, 0x10)
ftruncate(r6, 0x6)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r5, r7, 0x0, 0x8482)
r8 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
r9 = socket(0x11, 0x800000003, 0x0)
bind(r9, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r9, &(0x7f0000000040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x97a73c6a00f90940)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d00800002400ffffff7f00000005ffffa6fffff7", @ANYRES32=r10, @ANYBLOB='W'], 0x3}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)={0x98, r8, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r10}, {0x7c, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x10001}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8}}}]}}]}, 0x98}, 0x1, 0x0, 0x0, 0x200a041}, 0x2400c000)
sendfile(r3, r4, 0x0, 0x8482)
ioctl$KVM_SET_CLOCK(r4, 0x4030ae7b, &(0x7f0000000080)={0xdee, 0x3})

09:54:56 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5c11ab65ca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c81708473a8c51b9cd117ed7d3759ff4b4a4bf82726ce770dcc85a1dbad8adf6d4b10b9c994baecf59a3ed3dc78bf2acff911ff557ccb15e8dd08fbb323361d9f1853dffbbfdc69bc3ab3c39c80d71da11e307f54c4d0f6e3674510305e54422d658cede063d453808faf17b75254670b1a96de5fe1f70e7af53b370d80975a0f010d05c194ee2b414f8851f2ffb2374856ad377813347c95999d29a0ab630934942626c8bed09310b552e5f35fdd9eb3ea0f3efc7377f399145bc8ec8a17dd49be74ba680d2fb"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  914.717150][T23876] FAT-fs (loop1): Filesystem has been set read-only
[  914.760745][T23876] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  914.777451][T23849] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  914.847244][T23849] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  914.888517][   T26] audit: type=1804 audit(1575885296.866:961): pid=23984 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/569/file0/bus" dev="loop1" ino=428 res=1
09:54:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

09:54:57 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1a000000)

09:54:57 executing program 2:

09:54:57 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./bus\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16, 0xfffffffdfffffffe}], 0x40a010, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac68f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
ioctl$VHOST_SET_VRING_ENDIAN(r9, 0x4008af13, &(0x7f0000000100)={0x2, 0xff})

09:54:57 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
bind$nfc_llcp(r3, &(0x7f0000000100)={0x27, 0x1, 0x1, 0x5, 0x6, 0x4d, "48e3b5a506194e3afa5baa191ec4c34091eaaf33472b1629f9b23b867f93c4d108e06b754c6477d4fba7bdf58af2e6ed587f3672f98639dd6c6621eeaa4a74", 0x32}, 0x60)

09:54:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

09:54:57 executing program 2:

09:54:57 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
r3 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r4, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
sendfile(r3, r4, &(0x7f0000000000)=0xffff, 0x7)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r6, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r7 = dup3(r6, r4, 0x80000)
ioctl$DRM_IOCTL_SET_MASTER(r7, 0x641e)
ioctl$HDIO_GETGEO(r1, 0x301, &(0x7f0000000540))
r8 = syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00')
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000480)={&(0x7f0000000180)={0x68, r8, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@FOU_ATTR_TYPE={0x8, 0x4, 0x2}, @FOU_ATTR_PEER_PORT={0x8, 0xa, 0x4e24}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e21}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_V4={0x8, 0x8, @empty}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @mcast2}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e24}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast2}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000}, 0x28000)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r9 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r9, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r10 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r9, r10, 0x0, 0x8482)
ioctl$sock_inet_sctp_SIOCINQ(r10, 0x541b, &(0x7f0000000500))

09:54:57 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1b000000)

[  915.567436][T24425] kvm_hv_get_msr: 8 callbacks suppressed
[  915.567481][T24425] kvm [24424]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000008c
[  915.595289][T24425] kvm [24424]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000087
09:54:57 executing program 2:

[  915.611926][T24438] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
09:54:57 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5fe7d0bdb4a37c7c9d80927a2aaea7c4755c1b8438a2d8643807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a00000000000000000000000000000000b5fb474e7b7eeb3cf82c1bc949d3b7ffe8b0c1a67e601a76498ce9466d02fbc842a524debe46f1bea79876e8f0f278cb96f5b1ba37c6ee8822e16628fb2129fedd181ddeda9b1b3c24106a6dbd45209e188d4b521924f31ce8e10aac84dc6555cbac307f698ed0d34ffdaecaa1057f58571b9a72144a14a155a320e17340ea"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000100)=0xe, 0x4)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:54:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

09:54:57 executing program 2:

09:54:58 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1c000000)

09:54:58 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x8, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:54:58 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r1, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x127)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:54:58 executing program 2:

09:54:58 executing program 5:

[  916.396341][T24673] kvm [24671]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000017
[  916.423351][   T26] audit: type=1804 audit(1575885298.416:962): pid=24675 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/571/file0/bus" dev="sda1" ino=17297 res=1
09:54:58 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1d000000)

09:54:58 executing program 2:

[  916.597796][T24784] kvm [24671]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000018
09:54:58 executing program 5:

09:54:58 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
ioctl$UFFDIO_UNREGISTER(r2, 0x8010aa01, &(0x7f0000000100)={&(0x7f0000ffb000/0x2000)=nil, 0x2000})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$PPPOEIOCSFWD(r4, 0x4008b100, &(0x7f0000000140)={0x18, 0x0, {0x9, @broadcast, 'veth0\x00'}})
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
sched_yield()

[  917.067729][   T26] audit: type=1804 audit(1575885299.056:963): pid=24902 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/571/file0/bus" dev="sda1" ino=17297 res=1
09:54:59 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:54:59 executing program 2:

09:54:59 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000000)={0x9, [0x9, 0x0, 0x6, 0x81, 0x6, 0x8, 0xfffb, 0xffff, 0x7]}, 0x16)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SIOCX25SSUBSCRIP(r3, 0x89e1, &(0x7f0000000100)={'veth0_to_bridge\x00', 0x1, 0x1000})
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:54:59 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1e000000)

09:54:59 executing program 5:

09:54:59 executing program 2:

09:54:59 executing program 5:

09:54:59 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x20000000)

09:54:59 executing program 5:

09:54:59 executing program 2:

[  917.908860][   T26] audit: type=1804 audit(1575885299.896:964): pid=25119 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/572/file0/bus" dev="sda1" ino=17299 res=1
09:54:59 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0x0, <r1=>0x0})
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380), 0x10000023, &(0x7f00000002c0)=""/77, 0x42e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/17, 0x11, 0x7301}, 0x0)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x47, &(0x7f0000000000)}, 0x0)

09:55:00 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0x1], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  918.385167][   T26] audit: type=1804 audit(1575885300.376:965): pid=25348 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/572/file0/bus" dev="sda1" ino=17299 res=1
09:55:00 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000300)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xfffffffffffffffa, 0x0, 0x0, 0x20})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)

09:55:00 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x29000000)

09:55:00 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000100)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16, 0x100}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f0000000340)='./bus\x00', 0x155142, 0x120)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:00 executing program 3:
syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3)
socket$l2tp(0x18, 0x1, 0x1)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
write$char_usb(r0, &(0x7f0000000100)="6724c7bfe91c29f2fbba596454d3957a50bae9161cde030d7aa7d839a7cf9e4dfee18861cd0627e52f31c2360ec1b6d3eb1301ffc1dff5204d287f4fff3a6268ee195a5119833728f192908305a01b54ddf3dca593ede55dc9f94ac10fe535f9f6dc9df3f3afd9f2dd2a6415b3bc0448d69c273ccef7b000ffa2dd4af907618449c57f12fdc0864cbbff", 0x8a)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  918.470344][T25351] kvm [25350]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000008c
[  918.495292][T25351] kvm [25350]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000087
[  918.513248][T25351] kvm [25350]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000007d
[  918.521967][T25351] kvm [25350]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000078
[  918.530992][T25351] kvm [25350]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000006e
[  918.539817][T25351] kvm [25350]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000069
09:55:00 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x3e000000)

[  918.751314][T25463] FAT-fs (loop1): bogus number of reserved sectors
[  918.774411][T25463] FAT-fs (loop1): Can't find a valid FAT filesystem
09:55:00 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4dd2f873", 0x4b, 0x10000}], 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  918.878628][   T26] audit: type=1800 audit(1575885300.866:966): pid=25463 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=16560 res=0
[  918.948955][   T26] audit: type=1804 audit(1575885300.936:967): pid=25571 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/573/file0/bus" dev="sda1" ino=16560 res=1
[  919.041069][   T26] audit: type=1804 audit(1575885301.016:968): pid=25463 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/573/file0/bus" dev="sda1" ino=16560 res=1
09:55:01 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0585611, &(0x7f0000000000)={0x0, 0x1, 0x0, "c4919f507759dfd1877b7a53eb0a22a41c404ccea275d6850cc3711772cec40d"})

[  919.113457][T25584] BTRFS: device fsid ecf6f2a2-2997-48ae-b81e-1b00920efd9a devid 0 transid 7600338 /dev/loop2
[  919.127536][T25571] FAT-fs (loop1): bogus number of reserved sectors
[  919.187035][T25571] FAT-fs (loop1): Can't find a valid FAT filesystem
09:55:01 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="f04000001a0075430000000000000004000000000000000200000000000000000001800000000000730982e772f382b800000000d60000008c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff700000000000000000000000000000000e743253889fc269d4e05143540f8fdce0986", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000e8bccf40000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  919.217446][   T26] audit: type=1804 audit(1575885301.146:969): pid=25598 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/573/file0/bus" dev="sda1" ino=16560 res=1
09:55:01 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x40000000)

09:55:01 executing program 2:
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0x1e, 0x0, 0x0, &(0x7f0000000140)={<r0=>0x0, 0x0})
close(r0)
socketpair(0x1e, 0x80805, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0x0, <r2=>0x0})
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380), 0x10000023, &(0x7f00000002c0)=""/77, 0x42e}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x6129cde3}], 0x6e, &(0x7f00000001c0)=""/17, 0x10036, 0x7301}, 0x3f00)
sendmsg(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x47, &(0x7f0000000000)}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)

09:55:01 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x1005, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb724eabb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5e7a532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:01 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5fe7d0bdb4a37c7c9d80927a2aaea7c4755c1b8438a2d8643807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a00000000000000000000000000000000b5fb474e7b7eeb3cf82c1bc949d3b7ffe8b0c1a67e601a76498ce9466d02fbc842a524debe46f1bea79876e8f0f278cb96f5b1ba37c6ee8822e16628fb2129fedd181ddeda9b1b3c24106a6dbd45209e188d4b521924f31ce8e10aac84dc6555cbac307f698ed0d34ffdaecaa1057f58571b9a72144a14a155a320e17340ea"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000100)=0xe, 0x4)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:01 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000100)="b9bb080000b8e75e0000ba000000000f30440f00d0b9800000c00f3235000400000f300f3266ba4000ed0fc72d34e3ffff450f929800900000c4819dde4232f34502d2c48379629e00b8ffff00", 0x4d}], 0x1, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  919.736981][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
09:55:01 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  919.789132][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
[  919.822876][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
09:55:01 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x60182300)

[  919.863033][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
09:55:01 executing program 2:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r7, 0x6, 0x1d, &(0x7f0000000100)={0x880c, 0x0, 0x5, 0x0, 0x1}, 0x14)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  919.984310][   T26] audit: type=1804 audit(1575885301.976:970): pid=26228 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/574/file0/bus" dev="loop1" ino=430 res=1
[  920.023090][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
[  920.032955][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
[  920.042722][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
[  920.052342][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
[  920.062187][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
[  920.080232][T26046] kvm [25904]: vcpu0, guest rIP: 0x10f Hyper-V uhandled wrmsr: 0x40000004 data 0x5ee7
[  920.142969][T26220] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  920.174331][   T26] audit: type=1804 audit(1575885302.076:971): pid=26180 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/574/file0/bus" dev="loop1" ino=430 res=1
[  920.202237][T26220] FAT-fs (loop1): Filesystem has been set read-only
[  920.209430][T26220] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
09:55:02 executing program 2:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r7, 0x6, 0x1d, &(0x7f0000000100)={0x880c, 0x0, 0x5, 0x0, 0x1}, 0x14)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:02 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x000Y\b/\xe5I\xdd\xdd/fu7\xc6{\x06\xa2\bW]\x05\x7f\xfa\xc3\xed\xbdA~\xb1\xb0+\x1dw{\x12\xd8p\xf9\xd0s\xc2jP\xdd\xca\x9e\x1f\xe8\xe3\xce\xc7\x05\xf7s\xd6\x19\xadj\x90N\\\xf3\x86\xbb\xa9}\x9feIM\xbb\xb7b\vc\xe1c\xf6~}\x0f\xa9\x92x&T\xe7\xc8o\xaa\x86\xfa\xee\xda`H\x87\v\x04b\xc5\x9f%\xd6N\vR^\x13\x84\xddE\xe9', 0x7a05, 0x1700)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x2da8020000100000, 0x500001c)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x0)
socket$kcm(0xa, 0x3, 0x11)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = socket$kcm(0x10, 0x803, 0x0)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000017c0)="23000000560081aee4f80b00000f00fe078bc36f16000072fd670c87594d0063dac37b", 0x23}], 0x1}, 0x0)
recvmsg$kcm(r5, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffffffffff9, 0x5, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x266, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, @perf_bp={0x0}, 0x200, 0x0, 0x3}, 0xffffffffffffffff, 0x0, r4, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000580)={[{0x0, 'io'}, {0x6, 'pids'}]}, 0xa)
r6 = socket$kcm(0x10, 0x2, 0x10)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000040), 0x4)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)

09:55:02 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x800000000000000, 0x0, 0x0, 0xffffffffffffffff]})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  920.432041][T26229] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 17)
09:55:02 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=<r5=>0x0)
perf_event_open(&(0x7f0000000340)={0x3, 0x70, 0x9, 0x7, 0x4, 0x9, 0x0, 0x6, 0x30300, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40, 0xd, @perf_config_ext={0x7, 0x7f}, 0x40, 0x5, 0x9548, 0x6, 0xede, 0x9, 0x5}, r5, 0xe, 0xffffffffffffffff, 0x1)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f00000006c0)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0a998ac317a91df1acc99e664c1de9d56ec73cfdcd1492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e6406530582902e70aa2695952d83c594a125149b91f5ef4021dfcdb740789380bfdc321e436659110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ca7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:02 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x80040000)

[  920.558260][T26229] FAT-fs (loop5): Filesystem has been set read-only
[  920.597795][T26229] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 17)
09:55:02 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xe8030000)

[  920.801985][T26555] kvm_hv_get_msr: 20 callbacks suppressed
[  920.802001][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000008c
09:55:02 executing program 2:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r7, 0x6, 0x1d, &(0x7f0000000100)={0x880c, 0x0, 0x5, 0x0, 0x1}, 0x14)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:02 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0x0)
fcntl$setstatus(r6, 0x4, 0x40000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c394c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9ecf58e2c112e03edf349ca63f0e54d4eef0ff18108b020834f0ee77f8cc42be0d56c72f5cfc721387be223c26ae7f75ed6961107fba1ee587cadf827885ed0a8d69f3606d54b78a06314ad2c0266329d3f9a14770cb65366fce5053c48c76c7a71ac39b66fc9fbbb7db70d24a8779e519d22ba4d13361dde269ce36d31a287368521c812c01f485f21d7c207d075a6200f2cf7228a5e11e1197e81a23c20bb4162e629bedb1d5257c4ce830e96d465a7e79a0ab6f37d00"/499], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  920.893018][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000087
[  920.918144][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000007d
[  920.927553][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000078
[  920.943254][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000006e
[  920.970434][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000069
[  920.999499][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000064
[  921.113240][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000005f
[  921.216325][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000005a
[  921.235732][T26555] kvm [26546]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000055
09:55:03 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
rt_sigaction(0x7, &(0x7f00000009c0)={&(0x7f0000000400)="c4c261ae1b6711ab00000000c4017850ddc4410ddc5d69f20f1f00646666400f6b1e410f1818c402791d34fd36f90000f0408198b000000007000000660fc5ef9f", {0x3}, 0xcec6bf53849f54fc, &(0x7f0000000480)="c423916bef6ac481f5fd53c5c4427d13b783b5ceeecff0816a0000008020f2abc4a2adb8690440d1e5c4c2e5b8717fc483fd79d784"}, &(0x7f0000000ac0)={&(0x7f0000000a00)="660f382904b50ef0ffff2e3ef30f2d8ff1070000660f2f61db47691b000000000ffd48ac26f30f2cb186550000d2810f00000040729c440f01f9f20f1a8e01000000", {}, 0x0, &(0x7f0000000a80)="66420f5a3f8f295801d16744dcfa42de2cd740740fc421b9f4573af30fbc2243ff1d00000000c44301685d05512e66430faef6"}, 0x8, &(0x7f0000000b00))
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
getpeername(r2, &(0x7f00000007c0)=@pppol2tp={0x18, 0x1, {0x0, <r5=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000840)=0x80)
getsockopt$inet_mreqn(r5, 0x0, 0xc6532e926443aff5, &(0x7f0000000880)={@dev, @broadcast}, &(0x7f00000008c0)=0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000b40)=ANY=[@ANYBLOB="bf160000b7ff0000b7070000010000004870000000000000bc7000000000000095000000000000005213e4bd5061a27b7c790a7fa4afe2ab58a23e097d213800d9e0b7e4ff3718cdff2a2e8d4073bfebf24baa9471293249230355a5b9925cc1317fb7678a02a14c53b288e6c744b763df656a68864d155b427f15ca0449362e690d7e79787fe12e56e9e1d601010000000000006f85e788d012e4a36f6133656c33803aea873112f39fff1502373907f8bfe90bfb9c6dc1ccfa95102cbb7003fc00004600e4f3cc057a07"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r6, 0xc0, &(0x7f0000000200)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r4, 0x0, 0x5, &(0x7f0000000040)='.em0\x00', r7}, 0x30)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r8, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r10, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r9, 0x2405, r10)
fcntl$dupfd(r8, 0x406, r10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=0x1f, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x4, 0x1}, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x10, 0x4, 0x1ce}, &(0x7f0000000200)=0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=0x9}}, 0x10)
r11 = getpgrp(0x0)
r12 = syz_open_dev$mice(&(0x7f0000000540)='/dev/input/mice\x00', 0x0, 0x10d281)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xc0, &(0x7f00000006c0)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=0x4, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x5, 0x1}, 0x0, 0x0, &(0x7f0000000600)={0x5, 0xe, 0x37, 0x6}, &(0x7f0000000640)=0x8001, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=0x8}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r11, r12, 0x0, 0xffba, 0x0, r13}, 0x2ff)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:55:03 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xffff8000)

[  921.499228][T27083] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  921.509693][T27083] FAT-fs (loop5): Filesystem has been set read-only
[  921.582883][T27083] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 17)
09:55:03 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
rt_sigaction(0x7, &(0x7f00000009c0)={&(0x7f0000000400)="c4c261ae1b6711ab00000000c4017850ddc4410ddc5d69f20f1f00646666400f6b1e410f1818c402791d34fd36f90000f0408198b000000007000000660fc5ef9f", {0x3}, 0xcec6bf53849f54fc, &(0x7f0000000480)="c423916bef6ac481f5fd53c5c4427d13b783b5ceeecff0816a0000008020f2abc4a2adb8690440d1e5c4c2e5b8717fc483fd79d784"}, &(0x7f0000000ac0)={&(0x7f0000000a00)="660f382904b50ef0ffff2e3ef30f2d8ff1070000660f2f61db47691b000000000ffd48ac26f30f2cb186550000d2810f00000040729c440f01f9f20f1a8e01000000", {}, 0x0, &(0x7f0000000a80)="66420f5a3f8f295801d16744dcfa42de2cd740740fc421b9f4573af30fbc2243ff1d00000000c44301685d05512e66430faef6"}, 0x8, &(0x7f0000000b00))
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
getpeername(r2, &(0x7f00000007c0)=@pppol2tp={0x18, 0x1, {0x0, <r5=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000840)=0x80)
getsockopt$inet_mreqn(r5, 0x0, 0xc6532e926443aff5, &(0x7f0000000880)={@dev, @broadcast}, &(0x7f00000008c0)=0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000b40)=ANY=[@ANYBLOB="bf160000b7ff0000b7070000010000004870000000000000bc7000000000000095000000000000005213e4bd5061a27b7c790a7fa4afe2ab58a23e097d213800d9e0b7e4ff3718cdff2a2e8d4073bfebf24baa9471293249230355a5b9925cc1317fb7678a02a14c53b288e6c744b763df656a68864d155b427f15ca0449362e690d7e79787fe12e56e9e1d601010000000000006f85e788d012e4a36f6133656c33803aea873112f39fff1502373907f8bfe90bfb9c6dc1ccfa95102cbb7003fc00004600e4f3cc057a07"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r6, 0xc0, &(0x7f0000000200)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r4, 0x0, 0x5, &(0x7f0000000040)='.em0\x00', r7}, 0x30)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r8, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r10, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r9, 0x2405, r10)
fcntl$dupfd(r8, 0x406, r10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=0x1f, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x4, 0x1}, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x10, 0x4, 0x1ce}, &(0x7f0000000200)=0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=0x9}}, 0x10)
r11 = getpgrp(0x0)
r12 = syz_open_dev$mice(&(0x7f0000000540)='/dev/input/mice\x00', 0x0, 0x10d281)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xc0, &(0x7f00000006c0)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=0x4, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x5, 0x1}, 0x0, 0x0, &(0x7f0000000600)={0x5, 0xe, 0x37, 0x6}, &(0x7f0000000640)=0x8001, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=0x8}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r11, r12, 0x0, 0xffba, 0x0, r13}, 0x2ff)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:55:03 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000000080)={0x1, 0xfffffeff, 0x6, 0x600})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttynull\x00', 0x22a00, 0x0)
ioctl$PIO_FONTX(r3, 0x4b6c, &(0x7f0000000180)={0xe6, 0xb, &(0x7f0000000400)="43f9957d50988036028c5997461a4fde3db5f0520b8503741bfad889884f42b3b17271549f77a748a57c39a2c3e0b2b31ca99bbc3eaa638d9adc10625fd87cee0e56a62beec460c9b63fab8ad555b0fb9a83ade437ee14d65d0b07327acbfe6bec62c3ba1048537f411747cafc86e1e4fe21e02fa64592cab35c8c49845045dbb9f0a5b6c7990f435bcd5ae96d97a92938ad07b1771104be35386f1388754af82156e9cfd7279773d0d00141cc687a9acc4595bf7f575b00fa8881cb04ea67ca3a0f3a97773eeb96eb78ea197ddc32eaa5460bd1694acfa8b1406b6aeebda7be6bdb5f40c6c04556cb1f5da83c5fd599c3638c36748559ac344b8ade2cd900f4bbbfb85a25e49f499924dcb94ebef409ea59bc9f9687dc6e8857db0914b6540a9da98d00636b2c0bd3dca2de4ad5153f11e1b1a30928f4ce808f2865b66159f42c1deb1e045a45557598708c92c414993f94e8720614242c4d9048ed996260c036e0762425a270c8f9cc8119f6fe5941fa0885c521808179c76be938e63f830d5ba8750eb7e74fa90b3fe9c87fa8f0c81a18472ae1802d71078be2f20d25dedd181996c54e72b780bc678d7f74d7a113a32d1c133d137f48b7a852c1d31cb54b63890573416a7479168fdf540b5f302a7ed66b99e9ef3faed6432a1c9abe81eba36d970b5985fadb373d042c37cfcd926ca1b01c44970fbc1894513d77c12e479f0b054f5f63c199181632a98fcc9ac6e3f186989da1f3e057eb75bcca8808f46777f4a308365317475bb89adce76076557ca5cf3aef2c2536215ae551034bd4fd26e76920c79fc4f1d4bca8a9aa080dedc08584ec2691c200a6dbd1803d815793d411390a864a27b8a7278f07e9409e76273282aa28168bc3d2560a6939b20ab36c5c243dc8c827f6000dad1899f2a0b6f764b4b81a74ea861ba249a1fc96fe1ec14436ee4149e3b0b316b748be207960c6fdcdb46249148bc399084a72438e7666e82d5b9093c060ff734f48b401b36d43b8abb8d33427d5a2d964a5513aea1b238d3233f8339b7b302c97b343e8ba99aa1e0f1c5d442f13a7518da182c8eee856718844db0be08c19d61ea5f25bfb8d35ca85a7bb63bb2199e13694f697d4d61e88fdd78938de584204f298fc73ae3b72485eedd7df0458b3c5a75783a6cb51b4bc6c908045f74594c99645279d0f378a5c5bee7974d4107cb2e981a99fc3cca51bab698b702ae6dd60299074476cb15074a8c0e6f5d37e94b03b455bf4de48032796edd633e96765b0a1df7e79c3ec650f664d329649b71f66c30e728e1ebda216690efe70ea82f7a7350db696d59307334a4b136e9774f8a0b019a97e5759d7eb2270252b42e10ddd9006a4b43d97fb2c09addc0a5b2c49375a8eccc25d5ce2527092087d3f67bf6a590c95195503634e6eb2606a3b275d233abc922100"})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189eedddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f00007a7519e4053ac302a6a3a098120488ff4ad8c254b6f7b7532a58a3"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
r5 = gettid()
tkill(r5, 0x1000000000016)
write$cgroup_pid(r4, &(0x7f0000000100)=r5, 0x12)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  921.786500][   T26] kauditd_printk_skb: 3 callbacks suppressed
[  921.786520][   T26] audit: type=1804 audit(1575885303.776:975): pid=27198 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/575/file0/bus" dev="sda1" ino=16611 res=1
[  921.964765][   T26] audit: type=1804 audit(1575885303.896:976): pid=26979 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/860/file0/bus" dev="loop5" ino=431 res=1
09:55:04 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:04 executing program 3:
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x121103, 0x0)
ioctl$VIDIOC_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000100)={0x0, @reserved})
r1 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817379be19d1252e8edb0923e7365c8056bcc517ef459fd2f9be4383e66e64222ea053ab8f0bd0d5dc52d320a31a780dc38d1bb7dde4ad1301d71c93df458ab1a5a1d417333fe668d263fa47e418fb6e0f5c23fc31a640ae4b28610cee22ae35a444f4e6d20aa4ee8cf4589953523e6b19eab32282d0971f62faecc0cc6f9937670aa65003399d5d4ed8377d21e7593b4c5c0211516ecdcd688be8819b691c8507ccba5b2a000"/395], 0xf0}}, 0x0)
r3 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xb, &(0x7f0000000200)={0x9, 0x5}, 0x0)
epoll_create1(0x0)
ioctl$EVIOCGKEYCODE(r3, 0x80084504, &(0x7f00000001c0)=""/56)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:04 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x2000000000)

09:55:04 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0x0)
fcntl$setstatus(r6, 0x4, 0x40000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c394c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9ecf58e2c112e03edf349ca63f0e54d4eef0ff18108b020834f0ee77f8cc42be0d56c72f5cfc721387be223c26ae7f75ed6961107fba1ee587cadf827885ed0a8d69f3606d54b78a06314ad2c0266329d3f9a14770cb65366fce5053c48c76c7a71ac39b66fc9fbbb7db70d24a8779e519d22ba4d13361dde269ce36d31a287368521c812c01f485f21d7c207d075a6200f2cf7228a5e11e1197e81a23c20bb4162e629bedb1d5257c4ce830e96d465a7e79a0ab6f37d00"/499], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:04 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
rt_sigaction(0x7, &(0x7f00000009c0)={&(0x7f0000000400)="c4c261ae1b6711ab00000000c4017850ddc4410ddc5d69f20f1f00646666400f6b1e410f1818c402791d34fd36f90000f0408198b000000007000000660fc5ef9f", {0x3}, 0xcec6bf53849f54fc, &(0x7f0000000480)="c423916bef6ac481f5fd53c5c4427d13b783b5ceeecff0816a0000008020f2abc4a2adb8690440d1e5c4c2e5b8717fc483fd79d784"}, &(0x7f0000000ac0)={&(0x7f0000000a00)="660f382904b50ef0ffff2e3ef30f2d8ff1070000660f2f61db47691b000000000ffd48ac26f30f2cb186550000d2810f00000040729c440f01f9f20f1a8e01000000", {}, 0x0, &(0x7f0000000a80)="66420f5a3f8f295801d16744dcfa42de2cd740740fc421b9f4573af30fbc2243ff1d00000000c44301685d05512e66430faef6"}, 0x8, &(0x7f0000000b00))
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
getpeername(r2, &(0x7f00000007c0)=@pppol2tp={0x18, 0x1, {0x0, <r5=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000840)=0x80)
getsockopt$inet_mreqn(r5, 0x0, 0xc6532e926443aff5, &(0x7f0000000880)={@dev, @broadcast}, &(0x7f00000008c0)=0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000b40)=ANY=[@ANYBLOB="bf160000b7ff0000b7070000010000004870000000000000bc7000000000000095000000000000005213e4bd5061a27b7c790a7fa4afe2ab58a23e097d213800d9e0b7e4ff3718cdff2a2e8d4073bfebf24baa9471293249230355a5b9925cc1317fb7678a02a14c53b288e6c744b763df656a68864d155b427f15ca0449362e690d7e79787fe12e56e9e1d601010000000000006f85e788d012e4a36f6133656c33803aea873112f39fff1502373907f8bfe90bfb9c6dc1ccfa95102cbb7003fc00004600e4f3cc057a07"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r6, 0xc0, &(0x7f0000000200)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r4, 0x0, 0x5, &(0x7f0000000040)='.em0\x00', r7}, 0x30)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r8, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r10, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r9, 0x2405, r10)
fcntl$dupfd(r8, 0x406, r10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=0x1f, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x4, 0x1}, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x10, 0x4, 0x1ce}, &(0x7f0000000200)=0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=0x9}}, 0x10)
r11 = getpgrp(0x0)
r12 = syz_open_dev$mice(&(0x7f0000000540)='/dev/input/mice\x00', 0x0, 0x10d281)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xc0, &(0x7f00000006c0)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=0x4, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x5, 0x1}, 0x0, 0x0, &(0x7f0000000600)={0x5, 0xe, 0x37, 0x6}, &(0x7f0000000640)=0x8001, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=0x8}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r11, r12, 0x0, 0xffba, 0x0, r13}, 0x2ff)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:55:04 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x8000000000)

[  922.728995][   T26] audit: type=1804 audit(1575885304.706:977): pid=27410 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/576/file0/bus" dev="sda1" ino=16513 res=1
09:55:04 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
rt_sigaction(0x7, &(0x7f00000009c0)={&(0x7f0000000400)="c4c261ae1b6711ab00000000c4017850ddc4410ddc5d69f20f1f00646666400f6b1e410f1818c402791d34fd36f90000f0408198b000000007000000660fc5ef9f", {0x3}, 0xcec6bf53849f54fc, &(0x7f0000000480)="c423916bef6ac481f5fd53c5c4427d13b783b5ceeecff0816a0000008020f2abc4a2adb8690440d1e5c4c2e5b8717fc483fd79d784"}, &(0x7f0000000ac0)={&(0x7f0000000a00)="660f382904b50ef0ffff2e3ef30f2d8ff1070000660f2f61db47691b000000000ffd48ac26f30f2cb186550000d2810f00000040729c440f01f9f20f1a8e01000000", {}, 0x0, &(0x7f0000000a80)="66420f5a3f8f295801d16744dcfa42de2cd740740fc421b9f4573af30fbc2243ff1d00000000c44301685d05512e66430faef6"}, 0x8, &(0x7f0000000b00))
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
getpeername(r2, &(0x7f00000007c0)=@pppol2tp={0x18, 0x1, {0x0, <r5=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000840)=0x80)
getsockopt$inet_mreqn(r5, 0x0, 0xc6532e926443aff5, &(0x7f0000000880)={@dev, @broadcast}, &(0x7f00000008c0)=0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000b40)=ANY=[@ANYBLOB="bf160000b7ff0000b7070000010000004870000000000000bc7000000000000095000000000000005213e4bd5061a27b7c790a7fa4afe2ab58a23e097d213800d9e0b7e4ff3718cdff2a2e8d4073bfebf24baa9471293249230355a5b9925cc1317fb7678a02a14c53b288e6c744b763df656a68864d155b427f15ca0449362e690d7e79787fe12e56e9e1d601010000000000006f85e788d012e4a36f6133656c33803aea873112f39fff1502373907f8bfe90bfb9c6dc1ccfa95102cbb7003fc00004600e4f3cc057a07"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r6, 0xc0, &(0x7f0000000200)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r4, 0x0, 0x5, &(0x7f0000000040)='.em0\x00', r7}, 0x30)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r8, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r10, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r9, 0x2405, r10)
fcntl$dupfd(r8, 0x406, r10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=0x1f, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x4, 0x1}, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x10, 0x4, 0x1ce}, &(0x7f0000000200)=0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=0x9}}, 0x10)
r11 = getpgrp(0x0)
r12 = syz_open_dev$mice(&(0x7f0000000540)='/dev/input/mice\x00', 0x0, 0x10d281)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xc0, &(0x7f00000006c0)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=0x4, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x5, 0x1}, 0x0, 0x0, &(0x7f0000000600)={0x5, 0xe, 0x37, 0x6}, &(0x7f0000000640)=0x8001, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=0x8}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r11, r12, 0x0, 0xffba, 0x0, r13}, 0x2ff)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:55:04 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8482)
ioctl$SG_GET_SG_TABLESIZE(r2, 0x227f, &(0x7f0000000000))
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(0xffffffffffffffff)
syz_open_pts(r0, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x300000c, 0x80010, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
getsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100), &(0x7f0000000140)=0x4)

09:55:05 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x7feb1fd8b700)

[  923.102754][   T26] audit: type=1804 audit(1575885305.076:978): pid=27927 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/861/bus" dev="sda1" ino=17489 res=1
09:55:05 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = gettid()
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x9}}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:05 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
fchdir(0xffffffffffffffff)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r3}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r3}, 0x30)
ioctl$SIOCRSGCAUSE(r0, 0x89e0, &(0x7f0000000100))
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdbb679da7cd0126936fe7a91b21bec42314a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a0"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r4, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r3}, 0x30)
fcntl$setown(r1, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r0, r0, &(0x7f0000000000), 0x8080fffffffe)
r5 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x8482)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  923.235570][   T26] audit: type=1804 audit(1575885305.156:979): pid=28051 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/576/file0/bus" dev="sda1" ino=16513 res=1
[  923.749846][   T26] audit: type=1804 audit(1575885305.736:980): pid=28162 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/577/bus" dev="sda1" ino=16518 res=1
[  924.321964][   T26] audit: type=1804 audit(1575885306.306:981): pid=28272 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/577/bus" dev="sda1" ino=16518 res=1
09:55:06 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$lock(r4, 0x26, &(0x7f0000000080))
fcntl$lock(r4, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r3, r4, 0x0)
clock_gettime(0x0, &(0x7f00000070c0)={<r5=>0x0, <r6=>0x0})
recvmmsg(r3, &(0x7f0000006f00)=[{{&(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, <r7=>0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000080)=""/24, 0x18}, {&(0x7f0000000180)=""/58, 0x3a}], 0x2}, 0x1}, {{&(0x7f0000000400)=@sco, 0x80, &(0x7f0000000480)=[{&(0x7f0000000280)}], 0x1, &(0x7f00000004c0)=""/54, 0x36}, 0x7f}, {{&(0x7f0000000500)=@pptp={0x18, 0x2, {0x0, @dev}}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000580)=""/182, 0xb6}, {&(0x7f0000000640)=""/49, 0x31}, {&(0x7f0000000680)=""/108, 0x6c}, {&(0x7f0000000700)=""/163, 0xa3}, {&(0x7f00000007c0)=""/100, 0x64}, {&(0x7f0000000840)=""/3, 0x3}], 0x6}, 0x40}, {{&(0x7f0000000900)=@in={0x2, 0x0, @multicast2}, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000000980)=""/187, 0xbb}, {&(0x7f0000000a40)=""/225, 0xe1}, {&(0x7f0000000b40)=""/237, 0xed}, {&(0x7f0000000c40)=""/4096, 0x1000}, {&(0x7f0000001c40)=""/70, 0x46}], 0x5, &(0x7f0000001d40)=""/229, 0xe5}, 0x5}, {{&(0x7f0000001e40)=@generic, 0x80, &(0x7f00000023c0)=[{&(0x7f0000001ec0)=""/205, 0xcd}, {&(0x7f0000001fc0)=""/165, 0xa5}, {&(0x7f0000002080)=""/104, 0x68}, {&(0x7f0000002100)}, {&(0x7f0000002140)=""/89, 0x59}, {&(0x7f00000021c0)=""/172, 0xac}, {&(0x7f0000002280)=""/18, 0x12}, {&(0x7f00000022c0)=""/59, 0x3b}, {&(0x7f0000002300)=""/67, 0x43}, {&(0x7f0000002380)=""/15, 0xf}], 0xa, &(0x7f0000002480)=""/159, 0x9f}, 0xfffffff8}, {{&(0x7f0000002540)=@can, 0x80, &(0x7f0000004880)=[{&(0x7f00000025c0)=""/130, 0x82}, {&(0x7f0000002680)=""/4096, 0x1000}, {&(0x7f0000003680)=""/52, 0x34}, {&(0x7f00000036c0)=""/65, 0x41}, {&(0x7f0000003740)=""/177, 0xb1}, {&(0x7f0000003800)=""/4096, 0x1000}, {&(0x7f0000004800)=""/95, 0x5f}], 0x7, &(0x7f0000004900)=""/4096, 0x1000}, 0xb6}, {{0x0, 0x0, &(0x7f0000006e00)=[{&(0x7f0000005900)=""/202, 0xca}, {&(0x7f0000005a00)=""/229, 0xe5}, {&(0x7f0000005b00)=""/144, 0x90}, {&(0x7f0000005bc0)=""/74, 0x4a}, {&(0x7f0000005c40)=""/100, 0x64}, {&(0x7f0000005cc0)=""/252, 0xfc}, {&(0x7f0000005dc0)=""/4096, 0x1000}, {&(0x7f0000006dc0)=""/11, 0xb}], 0x8, &(0x7f0000006e80)=""/123, 0x7b}, 0xff}], 0x7, 0x1, &(0x7f0000007100)={r5, r6+10000000})
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r7, 0x84, 0xc, &(0x7f0000007140), &(0x7f0000007180)=0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:06 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x4000000000000)

09:55:06 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
rt_sigaction(0x7, &(0x7f00000009c0)={&(0x7f0000000400)="c4c261ae1b6711ab00000000c4017850ddc4410ddc5d69f20f1f00646666400f6b1e410f1818c402791d34fd36f90000f0408198b000000007000000660fc5ef9f", {0x3}, 0xcec6bf53849f54fc, &(0x7f0000000480)="c423916bef6ac481f5fd53c5c4427d13b783b5ceeecff0816a0000008020f2abc4a2adb8690440d1e5c4c2e5b8717fc483fd79d784"}, &(0x7f0000000ac0)={&(0x7f0000000a00)="660f382904b50ef0ffff2e3ef30f2d8ff1070000660f2f61db47691b000000000ffd48ac26f30f2cb186550000d2810f00000040729c440f01f9f20f1a8e01000000", {}, 0x0, &(0x7f0000000a80)="66420f5a3f8f295801d16744dcfa42de2cd740740fc421b9f4573af30fbc2243ff1d00000000c44301685d05512e66430faef6"}, 0x8, &(0x7f0000000b00))
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
getpeername(r2, &(0x7f00000007c0)=@pppol2tp={0x18, 0x1, {0x0, <r5=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000840)=0x80)
getsockopt$inet_mreqn(r5, 0x0, 0xc6532e926443aff5, &(0x7f0000000880)={@dev, @broadcast}, &(0x7f00000008c0)=0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000b40)=ANY=[@ANYBLOB="bf160000b7ff0000b7070000010000004870000000000000bc7000000000000095000000000000005213e4bd5061a27b7c790a7fa4afe2ab58a23e097d213800d9e0b7e4ff3718cdff2a2e8d4073bfebf24baa9471293249230355a5b9925cc1317fb7678a02a14c53b288e6c744b763df656a68864d155b427f15ca0449362e690d7e79787fe12e56e9e1d601010000000000006f85e788d012e4a36f6133656c33803aea873112f39fff1502373907f8bfe90bfb9c6dc1ccfa95102cbb7003fc00004600e4f3cc057a07"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r6, 0xc0, &(0x7f0000000200)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r4, 0x0, 0x5, &(0x7f0000000040)='.em0\x00', r7}, 0x30)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r8, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r10, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r9, 0x2405, r10)
fcntl$dupfd(r8, 0x406, r10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=0x1f, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x4, 0x1}, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x10, 0x4, 0x1ce}, &(0x7f0000000200)=0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=0x9}}, 0x10)
r11 = getpgrp(0x0)
r12 = syz_open_dev$mice(&(0x7f0000000540)='/dev/input/mice\x00', 0x0, 0x10d281)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xc0, &(0x7f00000006c0)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=0x4, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x5, 0x1}, 0x0, 0x0, &(0x7f0000000600)={0x5, 0xe, 0x37, 0x6}, &(0x7f0000000640)=0x8001, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=0x8}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r11, r12, 0x0, 0xffba, 0x0, r13}, 0x2ff)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:55:06 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
getsockopt$IP6T_SO_GET_INFO(r3, 0x29, 0x40, &(0x7f0000000100)={'security\x00'}, &(0x7f0000000000)=0x54)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:06 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:06 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f00000009c0)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1a0000e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff857081b79ac087200dec0253ed8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a12514b491f5ef4021dfcdb74078938059110bd142f3c312c6ec02636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f57951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a6819744e7ee53cb283cf702293e3e0ecfcfea13f3a84f6676923262a551e395cc20a1c240f996394349050a113c9005d8ed78fc9373836ef2df66044d96e812a0f3406521e6121f5bf62ca745a5c8cabd4a7e852742ff7634bc66b1747b431f839b1dc8d756d3bee1dd5d67cb285f1141611c7d29ea8e2b1ec0facf2c8b3fb0d1a2c0dae92137429edd921b726072e0ec6990446b3f4a818637e3d712731d4fd0f38661bc0cd22a329f842bf4d24c647774352d169339e24ab901604308e489b5bab29e6b10d2428a3dd516d073cbc6c8194d8a0eee0"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r8, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r8, r8, &(0x7f00000001c0), 0x8080fffffffe)
r9 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r9, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r10 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r9, r10, 0x0, 0x8482)
r11 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r11, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r12 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r11, r12, 0x0, 0x8482)
getsockopt$inet_pktinfo(r12, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0x101)

[  925.353701][   T26] audit: type=1804 audit(1575885307.346:982): pid=28605 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/578/file0/bus" dev="sda1" ino=17612 res=1
09:55:07 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x80ffff00000000)

09:55:07 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
rt_sigaction(0x7, &(0x7f00000009c0)={&(0x7f0000000400)="c4c261ae1b6711ab00000000c4017850ddc4410ddc5d69f20f1f00646666400f6b1e410f1818c402791d34fd36f90000f0408198b000000007000000660fc5ef9f", {0x3}, 0xcec6bf53849f54fc, &(0x7f0000000480)="c423916bef6ac481f5fd53c5c4427d13b783b5ceeecff0816a0000008020f2abc4a2adb8690440d1e5c4c2e5b8717fc483fd79d784"}, &(0x7f0000000ac0)={&(0x7f0000000a00)="660f382904b50ef0ffff2e3ef30f2d8ff1070000660f2f61db47691b000000000ffd48ac26f30f2cb186550000d2810f00000040729c440f01f9f20f1a8e01000000", {}, 0x0, &(0x7f0000000a80)="66420f5a3f8f295801d16744dcfa42de2cd740740fc421b9f4573af30fbc2243ff1d00000000c44301685d05512e66430faef6"}, 0x8, &(0x7f0000000b00))
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
getpeername(r2, &(0x7f00000007c0)=@pppol2tp={0x18, 0x1, {0x0, <r5=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000840)=0x80)
getsockopt$inet_mreqn(r5, 0x0, 0xc6532e926443aff5, &(0x7f0000000880)={@dev, @broadcast}, &(0x7f00000008c0)=0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000b40)=ANY=[@ANYBLOB="bf160000b7ff0000b7070000010000004870000000000000bc7000000000000095000000000000005213e4bd5061a27b7c790a7fa4afe2ab58a23e097d213800d9e0b7e4ff3718cdff2a2e8d4073bfebf24baa9471293249230355a5b9925cc1317fb7678a02a14c53b288e6c744b763df656a68864d155b427f15ca0449362e690d7e79787fe12e56e9e1d601010000000000006f85e788d012e4a36f6133656c33803aea873112f39fff1502373907f8bfe90bfb9c6dc1ccfa95102cbb7003fc00004600e4f3cc057a07"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r6, 0xc0, &(0x7f0000000200)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r4, 0x0, 0x5, &(0x7f0000000040)='.em0\x00', r7}, 0x30)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r8, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r10, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r9, 0x2405, r10)
fcntl$dupfd(r8, 0x406, r10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=0x1f, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x4, 0x1}, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x10, 0x4, 0x1ce}, &(0x7f0000000200)=0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=0x9}}, 0x10)
r11 = getpgrp(0x0)
r12 = syz_open_dev$mice(&(0x7f0000000540)='/dev/input/mice\x00', 0x0, 0x10d281)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xc0, &(0x7f00000006c0)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=0x4, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x5, 0x1}, 0x0, 0x0, &(0x7f0000000600)={0x5, 0xe, 0x37, 0x6}, &(0x7f0000000640)=0x8001, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=0x8}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r11, r12, 0x0, 0xffba, 0x0, r13}, 0x2ff)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  925.535907][   T26] audit: type=1804 audit(1575885307.456:983): pid=28605 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/578/file0/bus" dev="sda1" ino=17612 res=1
[  925.676576][   T26] audit: type=1804 audit(1575885307.466:984): pid=28605 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/578/file0/bus" dev="sda1" ino=17612 res=1
09:55:07 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xb7d81feb7f0000)

09:55:08 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e0001000000000000000000000000002e72bc71000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb17ff070000d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:08 executing program 2:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$sock_netdev_private(0xffffffffffffffff, 0x89fd, &(0x7f0000000140)="e17c9e5913085f8ededb41139d9c00893f9f97ca3aa2063bbb8d5245a8da423c7d268eb82b02ecc575e2f72a7bd736b0b9d7ab07553d89c70a743e9b20095f0c99717d7917188a066bc82f0fe6f0602bb337349815c3563aff4628be629bd9cce356a41064b2d910")
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x9], 0x12000})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$lock(r5, 0x26, &(0x7f0000000080))
fcntl$lock(r5, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r4, r5, 0x0)
ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000280))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$KVM_HYPERV_EVENTFD(r0, 0x4018aebd, &(0x7f0000000100)={0x1, r6})

09:55:08 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000a00)=ANY=[@ANYBLOB="d6751d6d44e680678896ab7290a973f5cb2ca1abb39655e1da420fcf76d189ee76e5ddb334d22db69a611e1ed465a8b1dd29fe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a644f7736c9c83292891ef1d220ef530312dc97e1286dfb59fc2181a914f08bab251edaf0c333d93f939754b6831e3796670d7a"], 0x6b)
sendfile(0xffffffffffffffff, r5, &(0x7f00000001c0)=0x200000000000004, 0x8080ffffff7e)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={<r6=>0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
r7 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r10, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r11 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r12 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r12, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r11, 0x2405, r12)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYRES32=r7], 0x4)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r13 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r14 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
r15 = gettid()
tkill(r15, 0x1000000000016)
r16 = clone3(&(0x7f0000000800)={0x22000000, &(0x7f0000000100), &(0x7f0000000340), &(0x7f0000000380), 0x1f, 0x0, &(0x7f00000006c0)=""/124, 0x7c, &(0x7f0000000740)=""/107, &(0x7f00000007c0)=[0xffffffffffffffff, r6, 0x0, r15], 0x4}, 0x50)
ptrace$getregset(0x4204, r16, 0x3, &(0x7f00000009c0)={&(0x7f0000000880)=""/208, 0xd0})
sendfile(r13, r14, 0x0, 0x8482)
getsockopt$inet_pktinfo(r14, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:08 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xee0f0000000000)

09:55:08 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback, 0x3}, 0xfffffe5c)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8482)
r5 = memfd_create(&(0x7f00006a7000)='/dev/vga_arbiter\x00', 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00008feff8)='net/udp\x00')
sendfile(r5, r6, 0x0, 0x1)
ioctl$SG_EMULATED_HOST(r6, 0x2203, &(0x7f0000000000))
ioctl$VIDIOC_G_STD(0xffffffffffffffff, 0x80085617, &(0x7f0000000000)=<r7=>0x0)
ioctl$VIDIOC_S_STD(r6, 0x40085618, &(0x7f00000001c0)=r7)
ioctl$VIDIOC_S_STD(r4, 0x40085618, &(0x7f0000000080)=r7)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
ioctl$DRM_IOCTL_MODESET_CTL(r6, 0x40086408, &(0x7f0000000100)={0x1, 0x1ff})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:08 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  926.817439][   T26] kauditd_printk_skb: 6 callbacks suppressed
[  926.817479][   T26] audit: type=1804 audit(1575885308.806:991): pid=28934 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/579/file0/bus" dev="sda1" ino=17615 res=1
09:55:08 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x100000000000000)

09:55:08 executing program 2:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r0, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
fdatasync(r0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:09 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0xc)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

09:55:09 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x200000000000000)

09:55:09 executing program 2:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r0, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
fdatasync(r0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:09 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r4, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r4)
poll(&(0x7f0000000180)=[{r0, 0x823}, {r0, 0x8388}, {r4, 0x1000}, {r1, 0x10414}, {r2, 0x4400}], 0x5, 0x7)
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cacb2ca1abb3fe55e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r7, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r7, r7, &(0x7f00000001c0), 0x8080fffffffe)
r8 = openat$cgroup(r7, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0)
fsetxattr$trusted_overlay_opaque(r8, &(0x7f0000000300)='trusted.overlay.opaque\x00', &(0x7f0000000340)='y\x00', 0x2, 0xbcb016d36498c6f)
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r10, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r9, 0x2405, r10)
sendfile(r10, r1, &(0x7f0000000140)=0x100000000, 0x8000)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r6, 0x4, &(0x7f0000000000)='/dev/input/mouse#\x00', &(0x7f0000000100)='./file0/file0\x00', 0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  927.503778][T29467] kvm_hv_get_msr: 41 callbacks suppressed
[  927.503850][T29467] kvm [29466]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000008c
[  927.584326][T29467] kvm [29466]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000087
09:55:09 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x300000000000000)

[  927.776258][   T26] audit: type=1804 audit(1575885309.766:992): pid=29630 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/863/file0/bus" dev="sda1" ino=17622 res=1
09:55:09 executing program 4:
iopl(0x81)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r4, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r5, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r6, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r7 = syz_open_pts(0xffffffffffffffff, 0xc0080)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r8, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r9, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
ppoll(&(0x7f0000000080)=[{r4, 0x20}, {r5, 0x402}, {r6, 0x8000}, {r1, 0x8}, {r7, 0x18}, {r8, 0x200}, {r9, 0xa0a4}, {r2, 0x5422}], 0x8, &(0x7f0000000180)={0x0, 0x1c9c380}, &(0x7f0000000200)={0x80}, 0x8)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000100)={0x5, 0x6c, "92a0c6258aeadf87613e942142700675d58e954e89add2124c90bd0f7f9aea547342228cb3a4295272f9ccb88b9e636affc30f15bb6734e4105917e21fcf4ce7395f354aff805cbf2f75921efab8a5e9d0ff199c4352113b07f9c52a677b1b86a7267a86d190c95134714f04"})
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:55:11 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
write$P9_RCREATE(r0, &(0x7f0000000100)={0x18, 0x73, 0x2, {{0x41, 0x0, 0x7}, 0xfff}}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:11 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x400000000000000)

09:55:11 executing program 2:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r0, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
fdatasync(r0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:11 executing program 4:
r0 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000280)={@initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x9, 0x2, 0x2, 0x8, 0x2}, &(0x7f0000000400)=0x20)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x8482)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x64e, <r3=>0x0, 0x10000, 0x3f})
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000200)={r3, 0x40})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r6, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[0x1, 0xa2a, 0x4, 0x4, 0x101, 0x298, 0x1, 0x100000000000007, 0x7f, 0x3, 0x200, 0xc, 0x2, 0xffffffff, 0x40000007, 0xe33a], 0x1})
ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000600)=ANY=[@ANYBLOB="06000000000000000f0000806339000007000000650000000200000000000000000000000000000000000000000d0000000200000000000000af010000080000005033522b800000000000ffff00000000000000000b0000000300000005000000010000000000008009000000020000000000000000000000000002000700010400000600000007000000000000000104000009000000000000000000000000000000060000000900000001000000070000000200000025ffffff04000000000000000000f1000000000000000000ff0700000a0000000400000001040000020000000000000000000000000000000000000000000028ffd93f8d03b4dc155275607b5a05d13ca388f02b197361f4662ed988d7d01de7e24d1b43578aeb259c65c03f95ba8e62a58dafbc8c467590ef07af966f0283f239f3edef3261f80ad5c333ed06f3eabc6f55902d5666352df6c7d2c8e0a11725a13b7db25205e2fc5d83e8c86765da094e567658d7fdb7539f9a815e2eba1438c27804c0aab963f41fce286f06388fd6d782f2264d99ed198e0094beff16dbf592c3c9383e9dd33c0ddb849ce15ed6906e9d7e362cca191e3c2aaa98f16ccb73362c89a25281b2a514b01100a8ae6cf48ae5244b4a4b17ee572cebc0"])

09:55:11 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
r2 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x8010, 0xffffffffffffffff, 0x12f0e000)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000000100)=""/30)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
fcntl$lock(r6, 0x26, &(0x7f0000000080))
fcntl$lock(r6, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r5, r6, 0x0)
getsockopt$SO_TIMESTAMPING(r6, 0x1, 0x41, &(0x7f0000000140), &(0x7f0000000180)=0x4)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
connect$bt_rfcomm(r4, &(0x7f0000000000)={0x1f, {0x4, 0x0, 0x3, 0xdf, 0x8, 0x7}, 0x20}, 0xa)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, &(0x7f0000000000))

09:55:11 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:11 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x500000000000000)

09:55:11 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x100)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e22, 0x8, @mcast2, 0xa16}, @in6={0xa, 0x4e20, 0x1000, @mcast1, 0x3ff}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x27}}, @in6={0xa, 0x4e22, 0x7, @local, 0x2}], 0x64)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r4 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8482)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000180), 0x4)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:11 executing program 2:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000a00)=ANY=[@ANYBLOB="d6751d6d44e680678896ab7290a973f5cb2ca1abb39655e1da420fcf76d189ee76e5ddb334d22db69a611e1ed465a8b1dd29fe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a644f7736c9c83292891ef1d220ef530312dc97e1286dfb59fc2181a914f08bab251edaf0c333d93f939754b6831e3796670d7a"], 0x6b)
sendfile(0xffffffffffffffff, r5, &(0x7f00000001c0)=0x200000000000004, 0x8080ffffff7e)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={<r6=>0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
r7 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r10, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r11 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r12 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r12, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r11, 0x2405, r12)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYRES32=r7], 0x4)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r13 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r14 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
r15 = gettid()
tkill(r15, 0x1000000000016)
r16 = clone3(&(0x7f0000000800)={0x22000000, &(0x7f0000000100), &(0x7f0000000340), &(0x7f0000000380), 0x1f, 0x0, &(0x7f00000006c0)=""/124, 0x7c, &(0x7f0000000740)=""/107, &(0x7f00000007c0)=[0xffffffffffffffff, r6, 0x0, r15], 0x4}, 0x50)
ptrace$getregset(0x4204, r16, 0x3, &(0x7f00000009c0)={&(0x7f0000000880)=""/208, 0xd0})
sendfile(r13, r14, 0x0, 0x8482)
getsockopt$inet_pktinfo(r14, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  930.335373][   T26] audit: type=1804 audit(1575885312.326:993): pid=30231 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/580/file0/bus" dev="sda1" ino=17624 res=1
[  930.456590][   T26] audit: type=1804 audit(1575885312.386:994): pid=30302 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/864/file0/bus" dev="sda1" ino=17615 res=1
09:55:12 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000140)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0x1, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb3e2e232b600000bdb4a37e3dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43610051aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a00"/107], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
socket(0xa, 0x2, 0xfd)
setsockopt$nfc_llcp_NFC_LLCP_RW(r3, 0x118, 0x0, &(0x7f0000000080)=0x3, 0x4)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x210101, 0x0)
ioctl$EVIOCGKEYCODE_V2(r4, 0x80284504, &(0x7f0000000400)=""/135)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:12 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x600000000000000)

[  930.735666][   T26] audit: type=1804 audit(1575885312.706:995): pid=30239 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/864/file0/bus" dev="sda1" ino=17615 res=1
09:55:12 executing program 2:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000a00)=ANY=[@ANYBLOB="d6751d6d44e680678896ab7290a973f5cb2ca1abb39655e1da420fcf76d189ee76e5ddb334d22db69a611e1ed465a8b1dd29fe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a644f7736c9c83292891ef1d220ef530312dc97e1286dfb59fc2181a914f08bab251edaf0c333d93f939754b6831e3796670d7a"], 0x6b)
sendfile(0xffffffffffffffff, r5, &(0x7f00000001c0)=0x200000000000004, 0x8080ffffff7e)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={<r6=>0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
r7 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r10, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r11 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r12 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r12, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r11, 0x2405, r12)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYRES32=r7], 0x4)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r13 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r14 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
r15 = gettid()
tkill(r15, 0x1000000000016)
r16 = clone3(&(0x7f0000000800)={0x22000000, &(0x7f0000000100), &(0x7f0000000340), &(0x7f0000000380), 0x1f, 0x0, &(0x7f00000006c0)=""/124, 0x7c, &(0x7f0000000740)=""/107, &(0x7f00000007c0)=[0xffffffffffffffff, r6, 0x0, r15], 0x4}, 0x50)
ptrace$getregset(0x4204, r16, 0x3, &(0x7f00000009c0)={&(0x7f0000000880)=""/208, 0xd0})
sendfile(r13, r14, 0x0, 0x8482)
getsockopt$inet_pktinfo(r14, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:13 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
r4 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8482)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r5, 0x84, 0x8, &(0x7f0000000340)=0x4, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x1}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r6}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r6}, 0x30)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r7, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r7, r7, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r7, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r6}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYPTR=&(0x7f00000006c0)=ANY=[@ANYRESOCT]], 0x8)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:13 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCAX25ADDFWD(r0, 0x89ea, &(0x7f0000000000)={@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}})
close(0xffffffffffffffff)
r2 = gettid()
tkill(r2, 0x1000000000016)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x1}, 0x10040, 0x0, 0xdfb}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r4, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r4)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r6, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r6)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8080}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r7, 0x400, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x1)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)=ANY=[@ANYPTR64, @ANYRESHEX=0x0, @ANYRESDEC=0x0], 0x3}}, 0x20000000)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r8, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = perf_event_open(&(0x7f000001d000)={0x1, 0x1bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r10, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r9, 0x2405, r10)
ioctl$FS_IOC_ENABLE_VERITY(r9, 0x40806685, &(0x7f0000000340)={0x1, 0x3, 0x1000, 0x36, &(0x7f00000002c0)="7848785f4ec990bf0e51ece2afc572d67ed9551be42f9823f89e74e969861f533830c02100942aa269792b5b005bba615619cd9f48bf", 0x36, 0x0, &(0x7f0000000300)="653a351e5a73a7ff6d2c6dfcb753d1a752c6ddf9cc5db50bad239c665693c2643d5e4f27f452b1f1ee33f1364658a8ad3f29d7bad4a4"})
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:13 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x700000000000000)

09:55:13 executing program 2:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000a00)=ANY=[@ANYBLOB="d6751d6d44e680678896ab7290a973f5cb2ca1abb39655e1da420fcf76d189ee76e5ddb334d22db69a611e1ed465a8b1dd29fe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a644f7736c9c83292891ef1d220ef530312dc97e1286dfb59fc2181a914f08bab251edaf0c333d93f939754b6831e3796670d7a"], 0x6b)
sendfile(0xffffffffffffffff, r5, &(0x7f00000001c0)=0x200000000000004, 0x8080ffffff7e)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={<r6=>0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
r7 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r10, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r11 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r12 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r12, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r11, 0x2405, r12)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYRES32=r7], 0x4)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r13 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r14 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
r15 = gettid()
tkill(r15, 0x1000000000016)
r16 = clone3(&(0x7f0000000800)={0x22000000, &(0x7f0000000100), &(0x7f0000000340), &(0x7f0000000380), 0x1f, 0x0, &(0x7f00000006c0)=""/124, 0x7c, &(0x7f0000000740)=""/107, &(0x7f00000007c0)=[0xffffffffffffffff, r6, 0x0, r15], 0x4}, 0x50)
ptrace$getregset(0x4204, r16, 0x3, &(0x7f00000009c0)={&(0x7f0000000880)=""/208, 0xd0})
sendfile(r13, r14, 0x0, 0x8482)
getsockopt$inet_pktinfo(r14, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  931.395464][   T26] audit: type=1804 audit(1575885313.386:996): pid=30643 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/581/file0/bus" dev="loop1" ino=432 res=1
09:55:13 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x800000000000000)

[  931.441421][   T26] audit: type=1804 audit(1575885313.406:997): pid=30795 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/581/file0/bus" dev="loop1" ino=432 res=1
09:55:13 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)

[  931.569208][T30643] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  931.602900][T30643] FAT-fs (loop1): Filesystem has been set read-only
[  931.611471][T30643] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  931.732898][   T26] audit: type=1804 audit(1575885313.726:998): pid=30799 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/581/file0/bus" dev="loop1" ino=432 res=1
[  931.771150][T30795] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  931.781175][T30795] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
09:55:13 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000400)="67642e460f2302f30fc7b2f61f00003e0f1f3b0fc79fe9000000c4c27d5a7da466baf80cb8b4919782ef66bafc0c66edc4e1f9f29b0200000066410fc77502d9e4410f785d00", 0x46}], 0x3ce, 0x1e, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

09:55:14 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dd0100010000000000dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
syz_read_part_table(0x2, 0x6, &(0x7f0000000880)=[{&(0x7f0000000340)="b52541a199fd2e29f88748f4bef6ebb13f6ca807ca0fd88ac3ba280fb93341ffac83e07895499c94a9a64d5f4d61eb80e39e0409e87040bda9283c56c000832ffaf0ae04cffeefc574fd7a24fa", 0x4d, 0x1}, {&(0x7f0000000100), 0x0, 0x5}, {&(0x7f00000006c0)="9fc8604b3da4dd7990a4c32b0bbe71cb4e99afc26e8626b270f4f5a180f7fc0852d584edb0ea830f97eacdc9eafaa7a14da66f2e2aef3ebdbfdf4eb5d11240e5dccd88d7559d65fac858ddd5f69cae", 0x4f, 0x5}, {&(0x7f0000000740)="dd5d84e8882c7fb8e2cd1975e197f6954234ebdaef4d4eec6bca08b22f343ea2f07049856a4a134f9809b89661add4a025411e63ca941d970778dc7aedd8e2f1756019bb98d25649a5142a956f841f60fbece576a0305ff64c05951741a0ea40ebe4041704942b", 0x67, 0x5b17}, {&(0x7f00000007c0)="0e7b1c9364e062cabee1e61e9758", 0xe, 0x400}, {&(0x7f0000000800)="2f63d9993020829f63be94d75ddd457c57419f390929c6723d5b0bc1c2ab8c6efda704fce9a7d20244d8179d21c0575e6e9e17f7bac85c6b8816ed58d21da2f15870ea44", 0x44, 0x6}])
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:14 executing program 2:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
r2 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x8010, 0xffffffffffffffff, 0x12f0e000)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000000100)=""/30)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
fcntl$lock(r6, 0x26, &(0x7f0000000080))
fcntl$lock(r6, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r5, r6, 0x0)
getsockopt$SO_TIMESTAMPING(r6, 0x1, 0x41, &(0x7f0000000140), &(0x7f0000000180)=0x4)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
connect$bt_rfcomm(r4, &(0x7f0000000000)={0x1f, {0x4, 0x0, 0x3, 0xdf, 0x8, 0x7}, 0x20}, 0xa)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, &(0x7f0000000000))

09:55:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x900000000000000)

09:55:14 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./bus\x00', r3}, 0x10)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r2, r4, 0x0, 0x8482)
ioctl$KVM_GET_IRQCHIP(r4, 0xc208ae62, &(0x7f0000000500))
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
getsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, &(0x7f0000000080), 0x4)
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xa00000000000000)

[  932.444484][   T26] audit: type=1804 audit(1575885314.436:999): pid=31035 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/582/bus" dev="sda1" ino=16514 res=1
[  932.513293][   T26] audit: type=1804 audit(1575885314.466:1000): pid=31024 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/865/file0/bus" dev="sda1" ino=17633 res=1
[  932.546715][   T26] audit: type=1804 audit(1575885314.486:1001): pid=31048 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/582/bus" dev="sda1" ino=16514 res=1
09:55:14 executing program 2:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
r2 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x8010, 0xffffffffffffffff, 0x12f0e000)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000000100)=""/30)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
fcntl$lock(r6, 0x26, &(0x7f0000000080))
fcntl$lock(r6, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r5, r6, 0x0)
getsockopt$SO_TIMESTAMPING(r6, 0x1, 0x41, &(0x7f0000000140), &(0x7f0000000180)=0x4)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
connect$bt_rfcomm(r4, &(0x7f0000000000)={0x1f, {0x4, 0x0, 0x3, 0xdf, 0x8, 0x7}, 0x20}, 0xa)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, &(0x7f0000000000))

[  932.665793][   T26] audit: type=1804 audit(1575885314.646:1002): pid=31035 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/582/bus" dev="sda1" ino=16514 res=1
[  932.698688][   T26] audit: type=1804 audit(1575885314.666:1003): pid=31218 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/772/bus" dev="sda1" ino=17637 res=1
[  933.287683][   T26] audit: type=1804 audit(1575885315.276:1004): pid=31218 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/772/bus" dev="sda1" ino=17637 res=1
09:55:16 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r7, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r11, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r10, 0x2405, r11)
r12 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r12, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
write$binfmt_aout(r6, &(0x7f00000009c0)=ANY=[@ANYRES32=r5, @ANYBLOB="e899fe12eaf30b98f6939d65785f46b50ffec159f87a7bedf24bcb95bf3797ecfaa7117290c17127ebfa5ebb61014f95358cbbf6dcd74087b3610be9bcedba6416614c2fee046db7568b7772709f35821f0ad40f24356f989d13ba3442d253c7831c8205bcbde4baf239c1cb447cc64eb0", @ANYBLOB="b7c3b64499ff4f600e72e48bcdf8c3d7cda1e909942532ef48ebe80cd0ccdfc942d5bb9bb77413ffb446f7fe5063da8d3449ef9fc48df6cffb4ac457a8003dbbdec2618420f97ffdc423e375902c4d6a01b59e98d3ad4d641ab6a61db707e4fe4dc55863eee0a8eb566b18549960f40bf8e7de134df1222c1d1213271eede9393c796989bfa79857a96301b1150aa32ebc3b6f4dd5b79e8272a7383498cd1333f215a9565c0de9c5e9312ad93686d6bf0825f99bab0acece1c7bfaecdacba8b5e101f542d47f53a662fbc5a911ce937eafda935aae6bbeede53a78ede1881ea16c16be69d371bb7f765f12dfd98b896a91504d88", @ANYPTR, @ANYRES16, @ANYPTR, @ANYPTR=&(0x7f0000000700)=ANY=[], @ANYBLOB="5f8ab635894e470f6d86dea501df069a5f12358dc0caede9f1939b6361400fbbb700ba8526778f62c6c94d0c3cc7b73a5c977d3efc0a2fe3b382187088a9a5a633777d7eeb98aca802a0b30320bf327f1bc6708efb446f5741acb4fca6bdc170dad7f9bafd67598ff3771c3462e2c9a7233d03053a16e866d6f11c0b2b304391109b87360ee0819a131d65ae44b1df3a67ebf02353d6f46861299cf4844a019873f43b5d464bd0c14c6add3314bbe66c5290f169411eaece7a64bc"], 0x36b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0267bd491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b7df5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad8e3ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r13 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r14 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r13, r14, 0x0, 0x8482)
ioctl$VIDIOC_G_AUDIO(r1, 0x80345621, &(0x7f0000000100))
getsockopt$inet_pktinfo(r14, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:16 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)

09:55:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xb00000000000000)

09:55:16 executing program 2:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
r2 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x8010, 0xffffffffffffffff, 0x12f0e000)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000000100)=""/30)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
fcntl$lock(r6, 0x26, &(0x7f0000000080))
fcntl$lock(r6, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r5, r6, 0x0)
getsockopt$SO_TIMESTAMPING(r6, 0x1, 0x41, &(0x7f0000000140), &(0x7f0000000180)=0x4)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
connect$bt_rfcomm(r4, &(0x7f0000000000)={0x1f, {0x4, 0x0, 0x3, 0xdf, 0x8, 0x7}, 0x20}, 0xa)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, &(0x7f0000000000))

09:55:16 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8482)
r6 = accept4$ax25(r5, &(0x7f0000000100)={{0x3, @netrom}, [@rose, @remote, @bcast, @netrom, @null, @remote, @default, @default]}, &(0x7f0000000180)=0x48, 0x100000)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r6, 0x40106614, &(0x7f0000000280))
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
accept4$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0xffffffff}, 0x10, 0x80000)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:16 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(0xffffffffffffffff)
r3 = semget$private(0x0, 0x2, 0x48)
getresuid(0x0, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000380))
r5 = getgid()
r6 = geteuid()
stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
semctl$IPC_SET(r3, 0x0, 0x1, &(0x7f0000000480)={{0x6134e6ad, r4, r5, r6, r7, 0x0, 0x80000001}, 0xff, 0x80000000, 0x2})
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
setregid(0x0, r8)
r9 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000800)='/proc/capi/capi20\x00', 0x90102, 0x0)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r9, 0x117, 0x5, 0x0, 0x4)
r10 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r10, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r10, r10, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$PPPIOCSACTIVE(r10, 0x40107446, &(0x7f00000001c0)={0x9, &(0x7f0000000140)=[{0x6, 0x75, 0x7, 0x67}, {0x7ff, 0x8, 0xf, 0x80000000}, {0x29, 0x0, 0x5, 0x2}, {0xffff, 0x8, 0xff, 0x7}, {0x1, 0x0, 0x80, 0x3}, {0x5, 0x80, 0x5, 0x3}, {0x4, 0x81, 0x7, 0x3}, {0x2, 0x7, 0x6}, {0x0, 0x6b, 0x5, 0xd1}]})
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='fuse\x00', 0x40008, &(0x7f0000000480)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {'user_id', 0x3d, r4}, 0x2c, {'group_id', 0x3d, r8}, 0x2c, {[{@max_read={'max_read'}}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}, {@default_permissions='default_permissions'}, {@max_read={'max_read', 0x3d, 0x4}}], [{@subj_role={'subj_role', 0x3d, 'eth0'}}, {@smackfsdef={'smackfsdef', 0x3d, '/dev/input/mouse#\x00'}}, {@obj_type={'obj_type', 0x3d, ']'}}, {@fsmagic={'fsmagic', 0x3d, 0x6}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@subj_type={'subj_type', 0x3d, '/dev/input/mouse#\x00'}}]}})
sendmsg$nl_xfrm(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r11 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r11, 0x4, 0x42000)
r12 = semget$private(0x0, 0x2, 0x48)
getresuid(0x0, &(0x7f0000000340)=<r13=>0x0, &(0x7f0000000380))
r14 = getgid()
r15 = geteuid()
stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0})
semctl$IPC_SET(r12, 0x0, 0x1, &(0x7f0000000480)={{0x6134e6ad, r13, r14, r15, r16, 0x0, 0x80000001}, 0xff, 0x80000000, 0x2})
r17 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r18 = ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0)
r19 = ioctl$KVM_CREATE_VCPU(r18, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r19, &(0x7f00001da000/0x18000)=nil, 0x0, 0xfffffe72, 0x0, 0x0, 0xa00000000000000)
fstat(r19, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r20=>0x0})
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000880)={0x0, <r21=>0x0})
r22 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r22, 0x1, 0x11, 0x0, &(0x7f0000b34ffc))
getsockopt$inet6_IPV6_IPSEC_POLICY(r22, 0x29, 0x22, &(0x7f00000008c0)={{{@in6, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r23=>0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in6=@dev}}, &(0x7f00000009c0)=0xe8)
r24 = getegid()
r25 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r25, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r26=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r26)
lstat(0x0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, <r27=>0x0})
lstat(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, <r28=>0x0})
r29 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
lstat(0x0, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r30=>0x0})
fchown(r29, 0x0, r30)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000300)}, {&(0x7f00000003c0)="461b173c1daf6fd3514b07e58b123ee40c55eb9586082bf98076ed45f0a0344a8b3366c25b10c962569d34684addf1078c3af1132a862f36a4917c2b837f86361a1bfcf81b8859a44fa1a3aaecc79b2c8c0537df9ff0d2322077077298d6ad2bb54b82009d4dbc3242", 0x69}, {&(0x7f0000000440)="d880cb946c9e809576e8c3e4c470b33132bada8ff913c13023a7bf871e185d0d7dbbf0a1d077fabf9996e5ba019914e63b0a377d0cc880e4c8cbb2d46694449aad91f9e8caaa0e88b80bff83f75929a1320899357da557bff57ffa23a33e7fb719282db60628b3935f459f56f9b5971dfa", 0x71}, {&(0x7f00000005c0)="2919da6b1a29b57e129b7a4a60afbbbcebdd", 0x12}, {0x0}, {&(0x7f0000000700)="8e01364aa70818cbf626a37fcfa2270baff3d5e2cb6b0bada6c69f072980e5", 0x1f}], 0x6, &(0x7f0000000c40)=[@cred={{0x1c, 0x1, 0x2, {r21, r23, r24}}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r26, r27}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r28, r30}}}], 0xa0, 0x4}, 0x6010)
r31 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r31, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r32=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r32, 0x0)
semctl$IPC_SET(r12, 0x0, 0x1, &(0x7f00000000c0)={{0x0, r20, r30, r32, 0xee00, 0x40}, 0x0, 0x205, 0x5})
r33 = semget$private(0x0, 0x2, 0x48)
getresuid(0x0, &(0x7f0000000340)=<r34=>0x0, &(0x7f0000000380))
r35 = getgid()
r36 = geteuid()
stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r37=>0x0})
semctl$IPC_SET(r33, 0x0, 0x1, &(0x7f0000000480)={{0x6134e6ad, r34, r35, r36, r37, 0x0, 0x80000001}, 0xff, 0x80000000, 0x2})
r38 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r39 = ioctl$KVM_CREATE_VM(r38, 0xae01, 0x0)
r40 = ioctl$KVM_CREATE_VCPU(r39, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r40, &(0x7f00001da000/0x18000)=nil, 0x0, 0xfffffe72, 0x0, 0x0, 0xa00000000000000)
fstat(r40, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r41=>0x0})
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000880)={0x0, <r42=>0x0})
r43 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r43, 0x1, 0x11, 0x0, &(0x7f0000b34ffc))
getsockopt$inet6_IPV6_IPSEC_POLICY(r43, 0x29, 0x22, &(0x7f00000008c0)={{{@in6, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r44=>0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in6=@dev}}, &(0x7f00000009c0)=0xe8)
r45 = getegid()
r46 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r46, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r47=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r47)
lstat(0x0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, <r48=>0x0})
lstat(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, <r49=>0x0})
r50 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
lstat(0x0, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r51=>0x0})
fchown(r50, 0x0, r51)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000300)}, {&(0x7f00000003c0)="461b173c1daf6fd3514b07e58b123ee40c55eb9586082bf98076ed45f0a0344a8b3366c25b10c962569d34684addf1078c3af1132a862f36a4917c2b837f86361a1bfcf81b8859a44fa1a3aaecc79b2c8c0537df9ff0d2322077077298d6ad2bb54b82009d4dbc3242", 0x69}, {&(0x7f0000000440)="d880cb946c9e809576e8c3e4c470b33132bada8ff913c13023a7bf871e185d0d7dbbf0a1d077fabf9996e5ba019914e63b0a377d0cc880e4c8cbb2d46694449aad91f9e8caaa0e88b80bff83f75929a1320899357da557bff57ffa23a33e7fb719282db60628b3935f459f56f9b5971dfa", 0x71}, {&(0x7f00000005c0)="2919da6b1a29b57e129b7a4a60afbbbcebdd", 0x12}, {0x0}, {&(0x7f0000000700)="8e01364aa70818cbf626a37fcfa2270baff3d5e2cb6b0bada6c69f072980e5", 0x1f}], 0x6, &(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r42, @ANYRES32=r44, @ANYRES32=r45, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=r47, @ANYRES32=r48, @ANYBLOB="000000001c000000000000000100000002000000b8f10f818cf43c539def5407579f33da9119d60b353022e0e271b6f09d6ae79ca258246cd4cbf55b1c7c88a6b26ded73bc0dd9897a58b46330f68200"/94, @ANYRES32=0x0, @ANYRES32=r49, @ANYRES32=r51, @ANYBLOB='\x00\x00\x00\x00'], 0xa0, 0x4}, 0x6010)
r52 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r52, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r53=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r53, 0x0)
semctl$IPC_SET(r33, 0x0, 0x1, &(0x7f00000000c0)={{0x0, r41, r51, r53, 0xee00, 0x40}, 0x0, 0x205, 0x5})
r54 = getuid()
r55 = semget$private(0x0, 0x2, 0x48)
getresuid(0x0, &(0x7f0000000340)=<r56=>0x0, &(0x7f0000000380))
r57 = getgid()
r58 = geteuid()
stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r59=>0x0})
semctl$IPC_SET(r55, 0x0, 0x1, &(0x7f0000000480)={{0x6134e6ad, r56, r57, r58, r59, 0x0, 0x80000001}, 0xff, 0x80000000, 0x2})
syz_mount_image$f2fs(&(0x7f0000000640)='f2fs\x00', &(0x7f0000000680)='./bus\x00', 0x9, 0x5, &(0x7f0000000780)=[{&(0x7f0000000700)="ef741ee7837a923ecc25753f86399263a41ed5a765875df978a716a0d5b34d83d0582ca48e91d8cd809b", 0x2a}, {&(0x7f0000001600)="156389b8155744f2d739f7a0ea01ac661dab408ce7869ecee0d3129e506c7993d216ad150dfbb6bd2d43cf08da209a1d11f5cb1470acc16563ae2fdad1c8a87040998bd6795448dbb9994628314431ad96607b1b197c0ed6b5ca0eb88972367885273646c8b18c3023af47c2dfcd491b93ca3c9cf0bdd6768f82684b47524759486a5e2befc2578fdaa23873da6df69736f36a6dd789b233f400ff6c094f86eb118abd3fe7797b5b6525af8c529ed5a3311f7f3a5ef4a382d02315cdb3430ba123c4245e02ec362115d3c80d74befeaa41b2e96dbcccabb04c79afaa0297e6ac142bc3d07318dbd3f7aa455d1641c2b3dc9ed35379ae71dfb0e4b32c820a8fd960fdc7ba3fc46cf1ee6005875f8941b17732ff2ff9a01d7036d05484469a211ac6eec164d54d442923efb0053c839cabdfb91f4abd8e334d5592696fa0fcd37bddf4e2ed5fe88ce84590c8ea1e37e8ccc0a231c6f271ad5d24a4c6e2136493ce2d658b62ab571153d433dea91c4271884cfbebd88413b95032cd38c5a485114ec1ee153f2345ff720cbf6fc9863c829e26fb2ab116186397d5d2c6f8d694b3978ed9da1cea99d097da82bc704d74a3e95bdf5b70d3d85bfd710f2d593a92b07dcbb82532ba713734d2b7fbd8a5a3bfd8f4a11fa57b768f40a1605a3afe8d1a0039efa11a98f2ca11dea23de88c73604726b4e204651491a249a9d6f733e2f50cf901ec0cca981b9aa226f209f839e547b16900e52d39ec3854653d35ef94318159d602d0c2c217bc1d3fa3e6e670899539ad713bf7141a6a9f6276e998a027ba80861ea7a8b607da64f5671dbd23cd2ca8828373c62d69277641e32fb474ddfe30495b461d366484961c45b1e3bfcbb17a6ef172e94925f226e7d22f1596d6439ef910f9d33bd1e79401d612e53fa223438d0285ece5aa62203c9a40912eadc237b1d1a4055ef41c311cfbf83c084149f70af4f398f86f8662e83b45e284ec2910912523225f087eadb8d20d2683ad4447085416f091e8c6b73a03422aecfd074253cc0f67d20569e2d9d435a7f42551f4a45d78a34b26bf11dd0e4738125f71d2e3f3c97de070f7c8f83529950985272b793c4b006e1aecbeb7f4a54d03da090cd6c803d1635a010c1c73b2f3ee3e73344344bf9c6d726336cde9a67dcc1d9ec0fd7ee554d2e71214e4c08c2a5a54045854da97561996b7bf1822ea274dfd2d2a703cc237321e57877cc842b8f52554312f7854e73ba79a55eba08c4c05da929f3bd3c7c02e7349e2d6ed0eb2b141b6fcbe44ce8706892679fe71760fb9ba8017267a626e78cdf0f2e826b8777afb6d656878c316b3bb18c1f8fe0f5dd0d66fae836d9f4aaa4b44ba41915888530c3824fc69aa37dcb03b4ce57e779238d26e325d48785bef03f4862604897fac8a23026d04e228ca6ada3ca9d1aac95a8bb32acec0471274e30042ce4d5cbbdbfcba512d54c7a2d9dde106f55270bb468651df51acf6bc37a2eca3b98f99490cdbcfaa2c7b437960a4fb616756713f0eee7862d55dddb1677e500573b57619de134352a201e3fae67430bbeadbf46f20664d064560a42f72b438deb2211a230d95ae972b5569fc246b72bdc5b1b8d6ea777f2b33ff3b16fef7c4d9f9d286fdd59a133f1177cadbda9813ac58bf85afda6cc13c1a65ec858fe1ee1ce01b2e99dce562039a9a408fd89f4431d517da2c55782bb6c0af96fa7a38523506a9e1ce288150dea0f656e9709d722b8c70a7ee5f97ab3234f53de508c3453c22f863b6355c16fb35e3345d06522330206796b82c6fc1d5d4110a411ce79bf637a20eb20ba483be1ec1594082fb45e87e1430e0a8050d4b77507627ab588b9ad80279f4688ace5a34679c87a5fe5a27a7fbb98546141e23763ce2167fca87d5369cfe656560e21cbf4e0128d726902e14bbed897950e627466c7fc36ade3c29f11371fdf44891c7429061134a5f72efd2576e1efe16a1845f2e27cd5725778e3077a5a6155eabc270f29ba888622d91c39f50531a745b10bdf6cc9cc2ecacf76ce5eadf03dec51517b2bc061b47a0063fcb437c960a10d2405dd273ad2f27c0fa18d0d052a9a95b2f1597d1a2148d3ed693f5e7a9ba218cb168b6845cba8048189b23583015936976037d436f2f3c43ad98081c70b6733c769751ac2af7440b56d9de10b399d52a4d9827bdfd34a893f546ffde897b53062bbe0c048bc6b5877ad69d84ede12909b5218752d7e6a470184f95b2c6d7bd2ca2acc38b8a9984802b307a661069178b275964ad80590731a7e16659f1188ab0dd0760760bd8695e7c7076c98533a2137b0d0f58a14be4327c61ceb8844627e373384d99b536022b7e6ba07bf9cec0cdffa3a887715387dfe5a2b7b4958dc180204da30326d967a14739b92e675ec6fe12a1f1b210f3a897d360550b4651e50a76bce22eba5325522759ee501145a23b28aa5af6de1fedec71b2eebb47d2d4dd5a6a2b96c966ee86105c90cb81bdfa32037b43911d6f66d8089e4afdc4f152aecf63880c255d4b1d5edc32e502d2b90ed6b6272a4c6e281a2331063489df4f95dae393a1f54f6aaf3dd6152860d959f4fc82a77ca1fef242f721c5fc1b99135efef2078f151d22c6697b06cb0edcd3f30fd60ac9ddaecaa5e7c1e9a7d5d23eeb9c319b80951b503fd3b59371fd74d7a9723647e27151c0e773ac511fce927f1963f134bab12ce6bd34f555374353a05c4a0fc0f2970f5eaa2638f1e78f18f13709e2b92752f929bd7ce3081c1477aa80cf22757b29b7077b5c34c2327f4d850d6b92645b904d1d99aa455e4a53d818279bd7cf2d8d2c42f7aa9678ed67b2ca026a4f77b21b56ae1d6417590419f39544d0f612b4f8f6f8b12560b0ab3fddceb829cf17067ec967d3bef37e4edc8a0769618b69a353c6638be8a258c8f013a5fa6ca82ad45a732f2332f40159dd333a7fab71b535b6838e404233bdbfe382650a5cb306033721460bdd1a7af512af038a617c3676bf5260d05e729876818219498b618334c022b9217ec6d29d40aafc8b84c3ef98b43eaf4586d3941ded517b02677e3ad3a926d83bbe10303f00f89b353beb440ca0559dfe0dcaa71c0e007f43090d9b4b8c1b9089daa19e0250a6a318916d903a815a2ad09ee23cf9359f28878830988153921584ecd3fe48662160011a7aeb06a7757f99fb79fde3907bbb8c60e97185649057c1634b1272bb2880c9a513d7e906a23593c01bcbee91da73b59273f9398e5f983febde8e180906dce1591a8228fa26603b3413fec49fc1957e2643b923f679198be4d7f2690e924fcea4c79f08f44760a1d521af492bb21195e9d7077e9ba4099e9cd3fe3f7cddb56986a04423739efa4fa928183fe7645ed2ede9895cd30b6fbfac90579b493b90f000b28bcfa3e93ddd5285fa5c7c9040d76f1765e5e81eedec1c9cfbf5f6474578840efbdbd19b68d05c830d4cd814569a27427a592ac31c077a1395b5f9e2f38f1913d779f956c0774bc44874d48e92404a2ced2556d299fd853254396e0c499bbdcf1209d3147a89303df2ccdbe53bc4f34f349c338d33b48f51b0413731d8059c20dc0894c23a7df95532a18aac6089ac5f3b2ae22f60b176c837e0663c5b43d708ef23f096dbf573ad110e668f134873be76127518c00b80935d529cb8e93056f570474f3971c3225dc45a1bd895ba1d1b79ba5ea265c4b82f25c83cc1f7e18cfc8cff7593562ffe4d7e3e1d4b95de389da7c3eddb71b9422776f5c9efcebf5e568ddd2236965861045947aeef35fd992a87e543d30c6fd154dfd890b70fec48244c1c69765e301fda5bde775c52a22b8b1232fd18a646ead7791ffcdc9eb8175eb93aab8a937a79138a1637122c7ef09d48979cb3773f3e1e61881fd11a160439c5a263051720d11a4f418be90fb019f8a2bc30ac4f3899617df3c4761b76af375cd5f2d18c417f376dbf41b774e113386b6824254b151f985782472dc4f1f73c9abc840cfffe94b2c16c808fc3e3736f8a42b6061ac8c871f6772fc6912ec25ec51d88f5b2bb847e77eecd5845491ac77ad5d7a7fad50f34cf7f829ba23bcdf404805d943625df841db7a2b0768a5586351a5f0dd2410e8d658844fa2ceff9bbc5a2e94e16a6cd41ec16b75e6df403177984563bc27b2f546d68d9fdbdd9c438337b2da374e291809d0a8ba14cf9c350a2e8c07214fb041e1ad8bc2cc5d84370af86d0f867506e031661845aae8ba2a0ba8d451b4a400bd0aed352c8032c317c6dec81d990cac5397ade1960a88a2d691fadc151f134bccc0f4689d06193bf14d37457987cacbca6ae56071b1142b92a9086980ed8075414ed66a135468ef5eab264bfe59d97d9670d2b11d96d0f1ee562f08e1e0a8531e8ec3079c92a81b386795d57308f4b06bb3ed15d6a8b847df7fbf8aabbaa410c34c0ae1fa55ee16af6d00f971125f42a42d5592be3254e9a081fe6afbd46aced176483f4fdf34e9244a925b03b0246ef1f9bcb1857429fad6fcd3bbaa95997392a9389cea08fc4e9745fc9bdc8ffe4d8f4af89406fb7daf53ef3911e92672c11b748dacb8283d8f54f50187c16a21349825c3823510bfe75ea339c6142b1aa78e5f8df51521a0ce12f7eddc4db73ac4465185dc287c69d57b861b1bf8e49621ea4110b95284cf1ae7a8588232082110e18ab86a2db738d1fd247d18cfedf678336c6aa32a5d329a173643c112c89511adf2b2579cdb4362b3e824e173625dbb53bf02dfd2cf07148e387c6f5a63edb9f802a771a887a43795642a90aa66929ac83ae034878e03abbdacdedc937fd29797af4026593877119d65ff434e227448d82c51d87f0d51c8b34c5a3f2afbbdb5faf84e512b7e167bd1c87602cca03cbb8e597cb92a98504fe728d56306c65de16b01961e113eaaa8b64493671b89d0f18a7733225e2aa85cff9be502654b847b12f6feb8b420cd85e2b69af254f58b1a0af0ba0324f4005b93b8d1deb78e87eeb64fbb03ebf471e245bb3d5188656a301b2cdf25a7f618bd58a338f543370dbe2bcaf9cace1221041516346fb381c862f29f167b368b3b7fdce5817c9f44f4d6b9a974a05e13075ca5c00a9585c6c9522c9b27dee7cfae6b2992a0428a801ea142f19098da5b61ddb68904917e7dafba8aec7b3487c1c3a584dca9a42865325d05bd9b51f5abb9a654c6066fca23e523d66e09537ab217c5ccc3b1ed9d17a00ab9aaed6f7f5fff302ed2453c1fd34ecc34cdffdae3c3894ed377ade91bb150986f6b6f4351e2d03fcfa6a3812daae7213d65f38063ff555a05b73e14896acc851ed019f154b30448eeee06e0d6d01a55e16b263e87e909f1c08501aeb289647d13c7b23f874efee75877647c7440f22a97eeeca50ce8330938425719d186a2e97b03c0e61125a56cac91c5221bc6082922b977b1f2fba175f9169e05d9e4b65098b6114b9bf6728a2316bba5a7a9ec732637ae89c1fee12a54839c485cb08b1fa3a267504b41a529e144aea92720a1f8f263aae32da96659861f0b46a9af8e91453356a8ebc093c0c9f1e579921eed75b96050b5bf2835c0dc989729285f35831688c5a63ece24dbadf1a5355ffad2f3b9cc7ab03e76748d789b31afa00d8d46deec4fa862880b2ea30e08485fae5c28d35faff6c1659e8ddc9e7346f0f0428ec07d8c4cc8eb10f2b004fa8c46fdb394a160b8990ea68bc795392d31dc9486155e2fbc51ac9e64ebba4687de5eff34e2c68070dcc7e79ee6002dea6b42c2326d3c2dfcfde3b78", 0x1000, 0x7}, {&(0x7f0000000740)="2783d60be261f00b982a4f881943a7d90411b1011722bd2c081942c9418f2fb54feb15142c9464fac421632f4e563243f8892c2e14b8a8e43e13", 0x3a, 0xbb}, {&(0x7f0000000840)="2c81f5653ff0ddd2a49f1d034deddc3ec3e79054ead8b6fca8ecec8621271305bbe9d24273070a65b7e84be86f5971f3e00aed8c684db80d73e1ceff1a1621e3e57ad75ed295e7e5e343fc56e9c25f55a55550ba0542b068d3cb01d4fc808235a20d76a263d8ffb4ca230ad820b51d66ea195927b0be343e2fe3d6ad61418fcc9c1070ee0b0edb671f297a3e7086d4f8ed027e8fde6aa99ea754d051b60cad35e0a902535ed3853582fa38faf97a45e35c3c2cf98176e8cb3af081639f36fc32fbe60fd490196a08", 0xc8, 0xb3}, {&(0x7f0000000940)="f7ad214f26192ff626b0a87f6228646400a14ecb242193e32db8c5fc20289038240954e839a9da76169b4265a2071af964862b15d19793caba6ab50a06b9a0d68d9350bb09b9f924c55c7e86e01973bae2174a6c4a6920dc058a38ec2bb3741a74a83a6b153876201162eab0a2bdebdc7d2adb9f0e96f1d2f8add7b015514859ea2ef1b071aa32cf76b5077679e99903d730e71f9da4a11c3d65fabe11d4b89f30c97fde6f781d0c6344f9", 0xab, 0x1}], 0x0, &(0x7f0000000a00)={[{@resuid={'resuid', 0x3d, r20}}, {@adaptive_mode='mode=adaptive'}, {@resuid={'resuid', 0x3d, r41}}, {@inline_dentry='inline_dentry'}, {@noflush_merge='noflush_merge'}], [{@fsuuid={'fsuuid', 0x3d, {[0x68, 0x37, 0x0, 0x37, 0xa, 0xba, 0x33, 0x62], 0x2d, [0x64, 0x35, 0x39, 0x61], 0x2d, [0x6a, 0x62, 0x64, 0x32], 0x2d, [0x30, 0x65, 0x37, 0x36], 0x2d, [0x64, 0x34, 0x64, 0x35, 0x33, 0x31, 0x32, 0x64]}}}, {@obj_type={'obj_type', 0x3d, 'posix_acl_access'}}, {@uid_eq={'uid', 0x3d, r54}}, {@hash='hash'}, {@uid_gt={'uid>', r56}}, {@appraise_type='appraise_type=imasig'}, {@smackfsfloor={'smackfsfloor', 0x3d, '/dev/input/mouse#\x00'}}]})
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  934.262168][   T26] audit: type=1804 audit(1575885316.246:1005): pid=31476 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/773/bus" dev="sda1" ino=17658 res=1
09:55:16 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xc00000000000000)

[  934.668905][   T26] audit: type=1804 audit(1575885316.656:1006): pid=31693 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/583/bus" dev="sda1" ino=17659 res=1
[  934.731853][T31708] kvm [31696]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000004a
[  934.770366][T31708] kvm [31696]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000028
09:55:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xd00000000000000)

09:55:16 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8482)
ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x9)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r6, 0x0)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000100)=@hci, 0x80, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/39, 0x27}, {&(0x7f0000000200)=""/54, 0x36}, {&(0x7f00000002c0)=""/123, 0x7b}], 0x3}, 0x40)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r6)
r7 = dup3(0xffffffffffffffff, r6, 0x0)
ioctl$sock_bt_bnep_BNEPCONNDEL(r7, 0x400442c9, &(0x7f0000000000)={0x2, @local})
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  934.792556][   T26] audit: type=1804 audit(1575885316.756:1007): pid=31733 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/866/file0/bus" dev="loop5" ino=434 res=1
[  934.813612][T31708] kvm [31696]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000007c
[  934.902457][T31708] kvm [31696]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000086
[  934.956972][T31708] kvm [31696]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000004e
09:55:17 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)

[  935.242071][   T26] audit: type=1804 audit(1575885317.226:1008): pid=31482 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/773/bus" dev="sda1" ino=17658 res=1
09:55:17 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  935.634004][T32131] kvm [32057]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000004a
[  935.717203][T32131] kvm [32057]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000028
[  935.753598][T32131] kvm [32057]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000007c
[  935.773092][T32131] kvm [32057]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000086
[  935.791111][T32131] kvm [32057]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000004e
09:55:18 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xffd, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
ioctl$VHOST_RESET_OWNER(r7, 0xaf02, 0x0)
write$binfmt_aout(r5, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4763c1b8438a2d86a4af0500e13e17e0fbc02d12a05bf3db000000000000e06ac57b920bc9968107ffffffc8d106000000000000b75375dee2a723378f0405cd635eb5b51e03dca75cdb11d56dbf0577120aba6913d34908d35ac8b7700844eb5e4f95e824fa08d526ef2d17545a6523acfb341bc5356d3c69026a3cd79c3ded05af6eb6ff3aad07f46bb97a39b9325f4272cf7ce03b034bc534036436127e958ea3050dc8eae4feaa16e831bc562744091458da4585c6d086c50b573d62f4e2e4f7070051b207431af2639098d26254958edebd043e8647f89a2e12372156861b701b8a1150d9513309e35a99baa997d548c0cb368c97311f32a239d0dbe281f757fdef7d751daba89f437f4b58ea2f5eb1b6e27ff5d2a4687d017d0f357b8805d02f6b1c45bed054ffafcf15"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b2416b67ed7064869a18b2d66a5a47630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:18 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$lock(r4, 0x26, &(0x7f0000000080))
fcntl$lock(r4, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r3, r4, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000100)={0x0, 'veth1_to_hsr\x00', {0x1}, 0x100})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SIOCRSSCAUSE(r5, 0x89e1, &(0x7f0000000200)=0xe574)

09:55:18 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xe00000000000000)

09:55:18 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
write$USERIO_CMD_REGISTER(r3, &(0x7f0000000000)={0x0, 0x6}, 0x2)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:18 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:18 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:18 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
sendfile(r12, 0xffffffffffffffff, 0x0, 0x8482)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:18 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xf00000000000000)

09:55:18 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r3, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x4e20, @local}, 0x10)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  936.717380][T32468] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  936.820792][T32468] FAT-fs (loop1): Filesystem has been set read-only
[  936.828179][T32468] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
09:55:18 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:19 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1000000000000000)

09:55:19 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:19 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  937.489876][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  937.489897][   T26] audit: type=1804 audit(1575885319.476:1013): pid=537 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/585/file0/bus" dev="loop1" ino=437 res=1
[  937.608467][   T26] audit: type=1804 audit(1575885319.546:1014): pid=433 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/585/file0/bus" dev="loop1" ino=437 res=1
09:55:19 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_PIT(0xffffffffffffffff, 0xc048ae65, &(0x7f0000000100))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:19 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1100000000000000)

09:55:19 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
sendfile(r12, 0xffffffffffffffff, 0x0, 0x8482)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:19 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000100)=0x790000, 0x4)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000006c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0xd, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x7)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000780)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532acf896bee5eecf4cde719a32cfcfcbee112526205a10e00f3c40b7e1af069f66a0fd23265426fb62c9c4bff599cf0a4565823646660ad552fa6836e343713ca695b7453403d3719e084715e58e0424ad238fee96af6c906d41a492fdbaa5f9b29e74e95323b91be6fadc034e0e562a2f4b03f5a17afe120a3c5014a47393c1e4c4669ed9ed2b419f192ae55cf20f9a57a4585306367225de82a79f70e86ef40194f41438d3e76b76000c148dc9d3cd1c3fa40e20b6bce0e5f967aebb1fcac3f7732fc6e717acdc88f8e2d62cf8a420d286771c2e9190941540631275f217c3f92f4"], 0x6b)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r5 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x8482)
readv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/4096, 0x1000}, {&(0x7f0000000340)=""/89, 0x59}], 0x3)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:19 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:19 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video0\x00', 0x2, 0x0)
fgetxattr(r4, &(0x7f0000000180)=@known='trusted.overlay.opaque\x00', &(0x7f00000001c0)=""/144, 0x90)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r6, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r6)
fcntl$setstatus(r5, 0x4, 0x45800)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000000)={<r7=>0x0})
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000100)={r7, 0x1})
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  938.232066][   T26] audit: type=1804 audit(1575885320.216:1015): pid=672 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/586/file0/bus" dev="loop1" ino=438 res=1
09:55:20 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1200000000000000)

09:55:20 executing program 3:
socket$caif_stream(0x25, 0x1, 0x1)
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73cf8e171e9eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff700e300000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e000100000000f6ffffffffffffff0000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:20 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  938.506828][  T566] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  938.532623][  T566] FAT-fs (loop1): Filesystem has been set read-only
[  938.561402][  T566] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
09:55:20 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1300000000000000)

09:55:20 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = creat(&(0x7f0000000100)='./file0\x00', 0x10)
r7 = semget$private(0x0, 0x2, 0x48)
getresuid(0x0, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000380))
r9 = getgid()
r10 = geteuid()
stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
semctl$IPC_SET(r7, 0x0, 0x1, &(0x7f0000000480)={{0x6134e6ad, r8, r9, r10, r11, 0x0, 0x80000001}, 0xff, 0x80000000, 0x2})
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r14, &(0x7f00001da000/0x18000)=nil, 0x0, 0xfffffe72, 0x0, 0x0, 0xa00000000000000)
fstat(r14, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r15=>0x0})
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000880)={0x0, <r16=>0x0})
r17 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r17, 0x1, 0x11, 0x0, &(0x7f0000b34ffc))
getsockopt$inet6_IPV6_IPSEC_POLICY(r17, 0x29, 0x22, &(0x7f00000008c0)={{{@in6, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in6=@dev}}, &(0x7f00000009c0)=0xe8)
r19 = getegid()
r20 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r20, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r21=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r21)
lstat(0x0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0})
lstat(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, <r23=>0x0})
r24 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
lstat(0x0, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r25=>0x0})
fchown(r24, 0x0, r25)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000300)}, {&(0x7f00000003c0)="461b173c1daf6fd3514b07e58b123ee40c55eb9586082bf98076ed45f0a0344a8b3366c25b10c962569d34684addf1078c3af1132a862f36a4917c2b837f86361a1bfcf81b8859a44fa1a3aaecc79b2c8c0537df9ff0d2322077077298d6ad2bb54b82009d4dbc3242", 0x69}, {&(0x7f0000000440)="d880cb946c9e809576e8c3e4c470b33132bada8ff913c13023a7bf871e185d0d7dbbf0a1d077fabf9996e5ba019914e63b0a377d0cc880e4c8cbb2d46694449aad91f9e8caaa0e88b80bff83f75929a1320899357da557bff57ffa23a33e7fb719282db60628b3935f459f56f9b5971dfa", 0x71}, {&(0x7f00000005c0)="2919da6b1a29b57e129b7a4a60afbbbcebdd", 0x12}, {0x0}, {&(0x7f0000000700)="8e01364aa70818cbf626a37fcfa2270baff3d5e2cb6b0bada6c69f072980e5", 0x1f}], 0x6, &(0x7f0000000c40)=[@cred={{0x1c, 0x1, 0x2, {r16, r18, r19}}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r21, r22}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r23, r25}}}], 0xa0, 0x4}, 0x6010)
r26 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r26, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r27=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r27, 0x0)
semctl$IPC_SET(r7, 0x0, 0x1, &(0x7f00000000c0)={{0x0, r15, r25, r27, 0xee00, 0x40}, 0x0, 0x205, 0x5})
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f00000006c0)={{{@in6=@loopback, @in6=@dev={0xfe, 0x80, [], 0x21}, 0x4e22, 0x1f, 0x4e22, 0x1, 0x574d3646ec6d9126, 0x20, 0xa0, 0x8, 0x0, r15}, {0x14, 0x1, 0x4b6, 0x9, 0x3ff, 0x5242, 0x4, 0x1f}, {0x8001, 0x3, 0x9820, 0x6ad}, 0x8, 0x6e6bb0, 0x1, 0x1, 0x1}, {{@in6=@local, 0x4d5, 0x3c}, 0x11, @in6=@remote, 0x3503, 0x1, 0x1, 0x9, 0xd8, 0x80000001, 0x7fff}}, 0xe8)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r28 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r28, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r29 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r28, r29, 0x0, 0x8482)
getsockopt$inet_pktinfo(r29, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:20 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:21 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r2, 0x111, 0x5, 0xffffffc0, 0x4)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = semget(0x1, 0x0, 0x140)
semctl$GETNCNT(r4, 0x4, 0xe, &(0x7f0000000100)=""/70)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:55:21 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
sendfile(r12, 0xffffffffffffffff, 0x0, 0x8482)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:21 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1400000000000000)

09:55:21 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  939.649843][   T26] audit: type=1804 audit(1575885321.626:1016): pid=1224 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/587/file0/bus" dev="sda1" ino=16562 res=1
09:55:21 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1500000000000000)

09:55:21 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  940.071386][   T26] audit: type=1804 audit(1575885322.056:1017): pid=1463 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/587/file0/file0" dev="sda1" ino=16597 res=1
09:55:22 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:22 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1600000000000000)

09:55:22 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x120)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:22 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:22 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:22 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000000080)={0x4, [0x6, 0x8fbf, 0x7, 0x5e3]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:22 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1700000000000000)

[  940.708759][ T1594] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
09:55:22 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x10000000000031, r2, 0x6851c000)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  940.754259][ T1594] FAT-fs (loop1): Filesystem has been set read-only
[  940.794233][ T1594] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  940.837809][   T26] audit: type=1804 audit(1575885322.826:1018): pid=1704 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/588/file0/bus" dev="loop1" ino=440 res=1
09:55:22 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  940.982655][   T26] audit: type=1804 audit(1575885322.826:1019): pid=1551 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/588/file0/bus" dev="loop1" ino=440 res=1
09:55:23 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e008, 0xaaaaaaaaaaaab01, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16, 0x3}], 0x84080, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  941.197600][ T1733] kvm_hv_get_msr: 54 callbacks suppressed
[  941.197612][ T1733] kvm [1718]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000057
[  941.216751][   T26] audit: type=1804 audit(1575885323.206:1020): pid=1855 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/871/file0/bus" dev="loop5" ino=441 res=1
09:55:23 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001340)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0x4}}, 0x10)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1800000000000000)

09:55:23 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaaad16, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = dup(0xffffffffffffffff)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200000000000000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x10004, 0x0, 0xf000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=<r4=>0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={r4, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x2b3)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:55:23 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  941.685727][   T26] audit: type=1804 audit(1575885323.676:1021): pid=2052 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/589/bus" dev="sda1" ino=16550 res=1
09:55:23 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:23 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$KVM_NMI(r3, 0xae9a)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1900000000000000)

09:55:24 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

09:55:24 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1a00000000000000)

[  942.407299][   T26] audit: type=1804 audit(1575885324.396:1022): pid=2502 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/589/bus" dev="sda1" ino=16550 res=1
09:55:24 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

09:55:24 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
sendfile(r12, 0xffffffffffffffff, 0x0, 0x8482)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:24 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1b00000000000000)

[  942.883590][   T26] audit: type=1800 audit(1575885324.876:1023): pid=2391 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=17009 res=0
09:55:25 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:25 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:25 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1c00000000000000)

09:55:25 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8482)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$FOU_CMD_ADD(r4, &(0x7f00000005c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10200000}, 0xc, &(0x7f0000000580)={&(0x7f0000000400)={0x30, 0x0, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @mcast1}, @FOU_ATTR_IFINDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x26048040)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = fcntl$dupfd(r6, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200)
r8 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r11}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0xffffffffffffff31, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="480000002400070510000b000000000000000000", @ANYRES32=r11, @ANYBLOB="00000000ffffffff00000000240008001c7358af260000f7ffffffffffffff00000000000019161c2500000004000200cd4798777ab2c25c18251dda836b904349838336f4c613e24e553d3bc04415da1201b258855d54721b7bb1d148ed59b5846b16c1c659c64a839bc59e8ae029fe585139f6e05bc7652a87a03fe89b7ce5a7a501b1d6aee2ceb43a6d0b7a18ccab6260214cb20ad234f052c428d60105baf0dc77e88c2163615090ef91dba1bd2a7733c1e5d455b24557dfebba373da9a677f312b917056dbb93177fda1db60eeeeda0a2f22cdf80f02d320fe512a94a27d4903131578656ecec51ab2048c2677a240bba0c50b05e9bf06d1b1358d94e451dcb7eab1ac8"], 0x48}}, 0x0)
r12 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r12, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r12, r12, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r12, 0xc0745645, &(0x7f0000000600)={0x4, [0x5, 0x1, 0x4, 0x4, 0x1, 0x2, 0x5d5, 0x100, 0x2, 0x400, 0x1, 0x20, 0x8, 0xffff, 0x8000, 0x5, 0x5, 0x9, 0x1, 0x0, 0x7, 0x6, 0xff, 0x6, 0xd05, 0xfff7, 0xb, 0x691, 0x2, 0x1, 0x20, 0xfffd, 0x80, 0x800, 0xb0, 0x8000, 0x2, 0x81, 0x1, 0x2, 0x5, 0x8, 0x1, 0x8, 0x40a6, 0x80, 0x66, 0x81], 0x9})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r13 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r13, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r13, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r13, 0xae80, 0x0)

09:55:25 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:25 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
sendfile(r12, 0xffffffffffffffff, 0x0, 0x8482)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  943.586204][   T26] audit: type=1804 audit(1575885325.576:1024): pid=2966 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/873/file0/bus" dev="loop5" ino=443 res=1
09:55:25 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1d00000000000000)

[  943.745798][   T26] audit: type=1804 audit(1575885325.646:1025): pid=2960 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/873/file0/bus" dev="loop5" ino=443 res=1
[  943.773121][ T3072] kvm [3071]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000004a
[  943.805749][ T3072] kvm [3071]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000028
[  943.849576][ T3072] kvm [3071]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000006
[  943.913388][ T3072] kvm [3071]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000050
[  943.975280][ T3072] kvm [3071]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000002e
[  944.020337][ T3072] kvm [3071]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000078
[  944.060199][ T3072] kvm [3071]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000000c
[  944.092297][ T3072] kvm [3071]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000056
[  944.131439][ T3072] kvm [3071]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000034
09:55:26 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r12 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r12, 0x0, 0x8482)
getsockopt$inet_pktinfo(r12, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:26 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x1e00000000000000)

09:55:26 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
sendfile(r12, 0xffffffffffffffff, 0x0, 0x8482)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:26 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  944.583143][   T26] audit: type=1804 audit(1575885326.576:1026): pid=3087 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/780/bus" dev="sda1" ino=16562 res=1
09:55:26 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x2900000000000000)

09:55:26 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  944.751112][   T26] audit: type=1804 audit(1575885326.596:1027): pid=3091 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/780/bus" dev="sda1" ino=16562 res=1
[  944.924695][   T26] audit: type=1804 audit(1575885326.606:1028): pid=3092 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/780/bus" dev="sda1" ino=16562 res=1
09:55:26 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0x1, 0x40, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ubi_ctrl\x00', 0x80, 0x0)
ioctl$MON_IOCX_GETX(r3, 0x4018920a, &(0x7f0000000500)={&(0x7f0000000440), &(0x7f0000000480)=""/81, 0x51})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$lock(r5, 0x26, &(0x7f0000000080))
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r6, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
fcntl$lock(r6, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0xd69, 0x3ac})
r7 = dup3(r4, r5, 0x0)
getpeername(r5, &(0x7f0000000100)=@can, &(0x7f0000000080)=0x80)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x10200, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x0, 0x10002, 0x4]})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
fcntl$F_SET_RW_HINT(r7, 0x40c, &(0x7f0000000200)=0x2)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:27 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r7, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r11, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r10, 0x2405, r11)
r12 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r12, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
write$binfmt_aout(r6, &(0x7f00000009c0)=ANY=[@ANYRES32=r5, @ANYBLOB="e899fe12eaf30b98f6939d65785f46b50ffec159f87a7bedf24bcb95bf3797ecfaa7117290c17127ebfa5ebb61014f95358cbbf6dcd74087b3610be9bcedba6416614c2fee046db7568b7772709f35821f0ad40f24356f989d13ba3442d253c7831c8205bcbde4baf239c1cb447cc64eb0", @ANYBLOB="b7c3b64499ff4f600e72e48bcdf8c3d7cda1e909942532ef48ebe80cd0ccdfc942d5bb9bb77413ffb446f7fe5063da8d3449ef9fc48df6cffb4ac457a8003dbbdec2618420f97ffdc423e375902c4d6a01b59e98d3ad4d641ab6a61db707e4fe4dc55863eee0a8eb566b18549960f40bf8e7de134df1222c1d1213271eede9393c796989bfa79857a96301b1150aa32ebc3b6f4dd5b79e8272a7383498cd1333f215a9565c0de9c5e9312ad93686d6bf0825f99bab0acece1c7bfaecdacba8b5e101f542d47f53a662fbc5a911ce937eafda935aae6bbeede53a78ede1881ea16c16be69d371bb7f765f12dfd98b896a91504d88", @ANYPTR, @ANYRES16, @ANYPTR, @ANYPTR=&(0x7f0000000700)=ANY=[], @ANYBLOB="5f8ab635894e470f6d86dea501df069a5f12358dc0caede9f1939b6361400fbbb700ba8526778f62c6c94d0c3cc7b73a5c977d3efc0a2fe3b382187088a9a5a633777d7eeb98aca802a0b30320bf327f1bc6708efb446f5741acb4fca6bdc170dad7f9bafd67598ff3771c3462e2c9a7233d03053a16e866d6f11c0b2b304391109b87360ee0819a131d65ae44b1df3a67ebf02353d6f46861299cf4844a019873f43b5d464bd0c14c6add3314bbe66c5290f169411eaece7a64bc"], 0x36b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0267bd491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b7df5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad8e3ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r13 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r14 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r13, r14, 0x0, 0x8482)
ioctl$VIDIOC_G_AUDIO(r1, 0x80345621, &(0x7f0000000100))
getsockopt$inet_pktinfo(r14, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x3e00000000000000)

09:55:27 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  945.078293][   T26] audit: type=1804 audit(1575885326.776:1029): pid=3585 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/874/file0/bus" dev="loop5" ino=445 res=1
[  945.267055][   T26] audit: type=1804 audit(1575885326.876:1030): pid=3558 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/874/file0/bus" dev="loop5" ino=445 res=1
09:55:27 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r12 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r12, 0x0, 0x8482)
getsockopt$inet_pktinfo(r12, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:27 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r7, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r11, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r10, 0x2405, r11)
r12 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r12, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
write$binfmt_aout(r6, &(0x7f00000009c0)=ANY=[@ANYRES32=r5, @ANYBLOB="e899fe12eaf30b98f6939d65785f46b50ffec159f87a7bedf24bcb95bf3797ecfaa7117290c17127ebfa5ebb61014f95358cbbf6dcd74087b3610be9bcedba6416614c2fee046db7568b7772709f35821f0ad40f24356f989d13ba3442d253c7831c8205bcbde4baf239c1cb447cc64eb0", @ANYBLOB="b7c3b64499ff4f600e72e48bcdf8c3d7cda1e909942532ef48ebe80cd0ccdfc942d5bb9bb77413ffb446f7fe5063da8d3449ef9fc48df6cffb4ac457a8003dbbdec2618420f97ffdc423e375902c4d6a01b59e98d3ad4d641ab6a61db707e4fe4dc55863eee0a8eb566b18549960f40bf8e7de134df1222c1d1213271eede9393c796989bfa79857a96301b1150aa32ebc3b6f4dd5b79e8272a7383498cd1333f215a9565c0de9c5e9312ad93686d6bf0825f99bab0acece1c7bfaecdacba8b5e101f542d47f53a662fbc5a911ce937eafda935aae6bbeede53a78ede1881ea16c16be69d371bb7f765f12dfd98b896a91504d88", @ANYPTR, @ANYRES16, @ANYPTR, @ANYPTR=&(0x7f0000000700)=ANY=[], @ANYBLOB="5f8ab635894e470f6d86dea501df069a5f12358dc0caede9f1939b6361400fbbb700ba8526778f62c6c94d0c3cc7b73a5c977d3efc0a2fe3b382187088a9a5a633777d7eeb98aca802a0b30320bf327f1bc6708efb446f5741acb4fca6bdc170dad7f9bafd67598ff3771c3462e2c9a7233d03053a16e866d6f11c0b2b304391109b87360ee0819a131d65ae44b1df3a67ebf02353d6f46861299cf4844a019873f43b5d464bd0c14c6add3314bbe66c5290f169411eaece7a64bc"], 0x36b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0267bd491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b7df5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad8e3ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r13 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r14 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r13, r14, 0x0, 0x8482)
ioctl$VIDIOC_G_AUDIO(r1, 0x80345621, &(0x7f0000000100))
getsockopt$inet_pktinfo(r14, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x4000000000000000)

09:55:27 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(r3, 0x0, 0x30, &(0x7f0000000400)="7924f9a62630524fa00f44b91fcc5043704a8419a74571f22e4c4fce9b1600157525af98687c399145f3d4db7db97daea8be7b1327d16040f99d985ef1888469b2db0035c9f23fd873b66e42ed079901280a2b6a4d234b8ae048129d84bb9f004961ae4479abf3622e34d5979f3abb2a9a927a8efa673afe4fad175fdf8c3ae61665105802d411bfcdf75b5cb6f08972805b4591fffaf86c38256cdccbf59b83cec97a96784b1427e193685fbf2be401ca10d3bd47f779e56f5369652087bd200878c05bbba18713204b3e66d9fab9ed15eeed", 0xd3)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
prctl$PR_GET_FP_MODE(0x2e)
setsockopt(r2, 0x5, 0xea, &(0x7f0000000100)="76a41b2d98c6127faf377de9d9914bb186d8c9acb2ff83839564cbd1a2113428d7c196052f60719ba2bb1ec9a04cfa576236ba7cb6109b1557c12a2bb3b3d1ea236752f9a83f94bf447f75d2f655cc856ab3c9e9ff6d24c48b3b1e6a69672352faf65a92c5ec5cf6213f7f759f0481b8615bdec6fd6a548d749ca130dc3c5b58aeb828dbb35fb2078150a851a75e21c4722026427721a025c6c5c6ed", 0x9c)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

09:55:27 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:27 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r7, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r11, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r10, 0x2405, r11)
r12 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r12, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
write$binfmt_aout(r6, &(0x7f00000009c0)=ANY=[@ANYRES32=r5, @ANYBLOB="e899fe12eaf30b98f6939d65785f46b50ffec159f87a7bedf24bcb95bf3797ecfaa7117290c17127ebfa5ebb61014f95358cbbf6dcd74087b3610be9bcedba6416614c2fee046db7568b7772709f35821f0ad40f24356f989d13ba3442d253c7831c8205bcbde4baf239c1cb447cc64eb0", @ANYBLOB="b7c3b64499ff4f600e72e48bcdf8c3d7cda1e909942532ef48ebe80cd0ccdfc942d5bb9bb77413ffb446f7fe5063da8d3449ef9fc48df6cffb4ac457a8003dbbdec2618420f97ffdc423e375902c4d6a01b59e98d3ad4d641ab6a61db707e4fe4dc55863eee0a8eb566b18549960f40bf8e7de134df1222c1d1213271eede9393c796989bfa79857a96301b1150aa32ebc3b6f4dd5b79e8272a7383498cd1333f215a9565c0de9c5e9312ad93686d6bf0825f99bab0acece1c7bfaecdacba8b5e101f542d47f53a662fbc5a911ce937eafda935aae6bbeede53a78ede1881ea16c16be69d371bb7f765f12dfd98b896a91504d88", @ANYPTR, @ANYRES16, @ANYPTR, @ANYPTR=&(0x7f0000000700)=ANY=[], @ANYBLOB="5f8ab635894e470f6d86dea501df069a5f12358dc0caede9f1939b6361400fbbb700ba8526778f62c6c94d0c3cc7b73a5c977d3efc0a2fe3b382187088a9a5a633777d7eeb98aca802a0b30320bf327f1bc6708efb446f5741acb4fca6bdc170dad7f9bafd67598ff3771c3462e2c9a7233d03053a16e866d6f11c0b2b304391109b87360ee0819a131d65ae44b1df3a67ebf02353d6f46861299cf4844a019873f43b5d464bd0c14c6add3314bbe66c5290f169411eaece7a64bc"], 0x36b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0267bd491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b7df5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad8e3ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r13 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r14 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r13, r14, 0x0, 0x8482)
ioctl$VIDIOC_G_AUDIO(r1, 0x80345621, &(0x7f0000000100))
getsockopt$inet_pktinfo(r14, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x6018230000000000)

[  946.165604][   T26] audit: type=1804 audit(1575885328.156:1031): pid=4349 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/875/file0/bus" dev="sda1" ino=16602 res=1
09:55:28 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r0, 0xae80, 0x0)

[  946.320192][   T26] audit: type=1804 audit(1575885328.296:1032): pid=4348 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/875/file0/bus" dev="sda1" ino=16602 res=1
09:55:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$lock(r2, 0x26, &(0x7f0000000080))
fcntl$lock(r2, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r1, r2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000280)={0x0, <r3=>0x0}, &(0x7f0000000400)=0xc)
syz_mount_image$erofs(&(0x7f0000000080)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x80000001, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="3b0344ea9e1675b02e95c2e0c5f923e5077853ec56af43a41185539b3c66ed7414c3794d3ad81ade3637c3d965de83b0c7717b138aa56190dcaa19f282aae2e74b0e68a0651b94c550aa226a0de9f8eb020a97495be3b3329c3d0a08f80457784e0f6e2799a604613bc5ab77089aa1", 0x6f, 0xfffffffffffffff8}], 0x400, &(0x7f0000000440)={[{@fault_injection={'fault_injection', 0x3d, 0x7}}, {@nouser_xattr='nouser_xattr'}, {@nouser_xattr='nouser_xattr'}, {@acl='acl'}, {@noacl='noacl'}], [{@fowner_lt={'fowner<', 0xee01}}, {@smackfsroot={'smackfsroot', 0x3d, 'proc'}}, {@dont_measure='dont_measure'}, {@uid_lt={'uid<', r3}}, {@smackfstransmute={'smackfstransmute', 0x3d, '+'}}, {@smackfsfloor={'smackfsfloor', 0x3d, ','}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'wlan1securitymd5sum'}}]})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:28 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x8000000000000000)

09:55:28 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r0, 0xae80, 0x0)

09:55:28 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r12 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r12, 0x0, 0x8482)
getsockopt$inet_pktinfo(r12, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  946.600005][ T4565] erofs: (device loop3): erofs_read_superblock: cannot find valid erofs superblock
09:55:28 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x8004000000000000)

09:55:28 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r0, 0xae80, 0x0)

09:55:28 executing program 3:
r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @local}, &(0x7f0000000340)=0x1c, 0x800)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000380)={0x9, 0xfffffff9, 0x71, 0x3, 0x7fffffff}, 0x14)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:29 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xa83b941400c9ffff)

09:55:29 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:29 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
r3 = gettid()
tkill(r3, 0x1000000000016)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r3, 0xffffffffffffffff, 0x0, 0x1a, &(0x7f0000000080)='mime_type,mime_typemd5sum\x00', <r4=>0xffffffffffffffff}, 0x30)
r5 = getpid()
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004870000000000000bc700000000000009500000000000000"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r7, 0xc0, &(0x7f0000000200)={0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r6, 0x0, 0x5, &(0x7f0000000040)='.em0\x00', r8}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0xffffffffffffffff, <r9=>0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000140)='#lo}\'\\vboxnet0/@eth0}Uvmnet1\'wlan1\x00', r8}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={r5, r9, 0x0, 0x246, 0x0, r4}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:29 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:29 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xe803000000000000)

09:55:29 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:29 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:30 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xffffc90014943ba8)

[  948.274051][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  948.274137][   T26] audit: type=1804 audit(1575885330.266:1034): pid=5233 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/877/file0/bus" dev="loop5" ino=448 res=1
09:55:30 executing program 3:
r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @local}, &(0x7f0000000340)=0x1c, 0x800)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000380)={0x9, 0xfffffff9, 0x71, 0x3, 0x7fffffff}, 0x14)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:30 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0xffffffff00000000)

[  948.426227][   T26] audit: type=1804 audit(1575885330.396:1035): pid=5228 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/877/file0/bus" dev="loop5" ino=448 res=1
09:55:30 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  948.667874][ T5349] kvm_hv_get_msr: 32 callbacks suppressed
[  948.667887][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000008c
[  948.712976][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000086
[  948.762950][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000007a
[  948.815190][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000074
09:55:30 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:30 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="660f38821ff30f017c1aba400066b80078000066efba4200b824c2ef3e0f01c40f0766b95b0900000f32f20f2a5d00ba430066b8c2de000066ef66b9be03000066b8ba00000066ba000000000f30", 0x4e}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000200)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
r6 = semget$private(0x0, 0x2, 0x48)
getresuid(0x0, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000380))
r8 = getgid()
r9 = geteuid()
stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
semctl$IPC_SET(r6, 0x0, 0x1, &(0x7f0000000480)={{0x6134e6ad, r7, r8, r9, r10, 0x0, 0x80000001}, 0xff, 0x80000000, 0x2})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r13, &(0x7f00001da000/0x18000)=nil, 0x0, 0xfffffe72, 0x0, 0x0, 0xa00000000000000)
fstat(r13, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r14=>0x0})
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000880)={0x0, <r15=>0x0})
r16 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r16, 0x1, 0x11, 0x0, &(0x7f0000b34ffc))
getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000600)={{{@in6, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in6=@dev}}, &(0x7f0000000500)=0xfffffe87)
r18 = getegid()
r19 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r19, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r20=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r20)
lstat(0x0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, <r21=>0x0})
lstat(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, <r22=>0x0})
r23 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
lstat(0x0, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r24=>0x0})
fchown(r23, 0x0, r24)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000300)}, {&(0x7f00000003c0)="461b173c1daf6fd3514b07e58b123ee40c55eb9586082bf98076ed45f0a0344a8b3366c25b10c962569d34684addf1078c3af1132a862f36a4917c2b837f86361a1bfcf81b8859a44fa1a3aaecc79b2c8c0537df9ff0d2322077077298d6ad2bb54b82009d4dbc3242", 0x69}, {&(0x7f0000000440)="d880cb946c9e809576e8c3e4c470b33132bada8ff913c13023a7bf871e185d0d7dbbf0a1d077fabf9996e5ba019914e63b0a377d0cc880e4c8cbb2d46694449aad91f9e8caaa0e88b80bff83f75929a1320899357da557bff57ffa23a33e7fb719282db60628b3935f459f56f9b5971dfa", 0x71}, {&(0x7f00000005c0)="2919da6b1a29b57e129b7a4a60afbbbcebdd", 0x12}, {0x0}, {&(0x7f0000000700)="8e01364aa70818cbf626a37fcfa2270baff3d5e2cb6b0bada6c69f072980e5", 0x1f}], 0x6, &(0x7f0000000c40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r15, @ANYRES32=r17, @ANYRES32=r18, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000200100000002000000", @ANYRES32=0x0, @ANYRES32=r20, @ANYRES32=r21, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=r22, @ANYRES32=r24, @ANYBLOB='\x00\x00\x00\x00'], 0xa0, 0x4}, 0x6010)
r25 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r25, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r26=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r26, 0x0)
semctl$IPC_SET(r6, 0x0, 0x1, &(0x7f00000000c0)={{0x0, r14, r24, r26, 0xee00, 0x40}, 0x0, 0x205, 0x5})
semctl$GETNCNT(r6, 0x6, 0xe, &(0x7f0000000040)=""/42)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  948.895024][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000006e
[  948.942902][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000068
[  949.008485][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000062
[  949.070373][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000005c
[  949.097188][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000056
[  949.133011][ T5349] kvm [5345]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000050
09:55:31 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
dup3(r2, r1, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  949.414525][   T26] audit: type=1804 audit(1575885331.406:1036): pid=5667 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/878/file0/bus" dev="loop5" ino=450 res=1
[  949.558274][   T26] audit: type=1804 audit(1575885331.406:1037): pid=5666 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/878/file0/bus" dev="loop5" ino=450 res=1
09:55:32 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:32 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r1, 0x400c6615, &(0x7f0000000080))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendto$packet(r3, &(0x7f0000000500)="e287b8b8b8d49bc0fd1087acb628a4b3bbaa01fc50167d35d2a93f2b2318931c73543659f80e73ff08393464e3eaf5513d25c2368ff28ebd278d8a7eb551400485ec2422171ea6fe04b1c1c86dc1508273026e1c25a98ddad3dc33ff8cdbc12793e058cd72ff834ef349923775e45eb955f6eb47fe2de746eaeb7162b31c18099d6c9cf33428cb32109cfea50a7042bf04dfb635cf1e651d993c2256b84d2667149dc6fa58ea8fcd8183f12ae31bbaf3c3ef89c818e60c87b83cb99b352389f25c52f38c1a9d3cc598dcdb56cfc7c8617f25432d791278449f7589d048f2a8dc3aa89a342b36bb781163ea0a61ed7be3aa21d47f4d103869eb4322d605c169aa17a404e2f97b0ac177f52df88bdd077bc9949e8bcc70fb5d86f4e9698acb714406753f992d2a2330801481c4d4622a0cf926d86f7abf5b492865502660fb532d2393da337c30a78a0f325837ff8bbce8ae1962c4c9517de5c11c90799ce7031055a65241330cf440bc147b81256d6506f242e2dd86bec129f29d803b37fb3d96f3b23d0668fa47dd4feba810fa42ff64cb909e0a35df6fe62f6c95680e5e2475cfd701eae0de20b2d2eb711c2f098087cc26cef7ef87c974dc34896356f74b7bca23b81990ab6871cb1d4885e99d554ec14f1a00b2f8f6f97e547a920f7767f2d68d0e95912cb507cd91e864d9e94cadf22971d11545ccdfc7f4e887567cde3c70fae27aa2676fa552007b291613b7eb7aa47a8ebe81f86aacb0cc64bdbc9885ba763bb237cbc71750d2473ba92f300446214720961a1b09a0ecc66e5d7f920b6d8a36245a9148dcfafa541c3ca6be49c97b65199a54013314772e6ac92ca69f7067d11a9964127af548c946a2409abeba56a2a357b142c7eafc409e99b88ad95a299cdaebfabec962260263252c4c7bbbb6e9ccf9f7b76e6bda695d623b478550f0b2b629dbdd7397f034022a5ee097783df327946eb9f48e05ebfdf8f131146725f441f772d5bcbe6f6bff48b5b1a171b56bb74778f1525d3c7ffca201a7f3ba5d424e287d2a06967cf9850352366cd28dc2ddb3f74a4f43efe7a0b1ff51614bb823cabca5134e62b81ecca21170a12bfac3fa60aeef28e10b9cb14ca006133e6d31942bfb46914788069c2b851e17abfda4b5c4b010668cd9a2902e510b6bace056725652932c6c8bf7275cd9623d2c4109843492fa34201cd059dea651d6eecd5e5e95a51678294270b948d0a76f330ef39e8b94c2996fdfb253111485a034faf0cfce7be1c2db6cc01400c4c583003398169a4744e62fb34c625f79596f0e96ea65fda081c6a1c31269e91e23f69eb2b47c07a6c09f8f286ad0ea2d6e353dca7f273388af76080986106b5ef723574a037b00b89cc75a3eaaa3fa864ba554afbcd3b18e55413e054d7a3fa16573835868782e976459732ce408e327c70643d377a3bcd4a91c3ab40c17aa31871d871ab01351861aef82ec1c75c3ee8c3ac5e41453a6c820ba462991854fa2eec862586de38d22f5c4e5c21a16139377f4a5b99235e27ab7ddf8743e7b7a7bfffe941eb26cb823325a2155124da33a16d3380ebbaceba4384d349b45e76d9591cb7a685b1cdf8e10c329f6a62d76e05561e66fc02b6952ac126bb61a5c834218cbc27b1a87eae98581aea1da1e9393d0320e3658f2a7e3243ee183d089091ec322eb74af84baffd4963ecf2edb958fbe945d70cd4de01a20b6e7596e0d1185ec298ce06ed7d8764f997348a820c9f537514cf324ef75be81feee5ca2d0cf4601075b3d7cb5cb69fdc01ba863afb58627b663360f91530c0afc4aa72f0e66c4be3f4336fa0b1175c8382126b20408db46ef427c5ba7862743d85feeeb652a7490fef0319b5bcc981b7df7c5263387f795a826a5a79561b7288b41df481e684aff49816896462c2cc9faccdf15ef7bcbdc4bb6b8e86f11cb7195133f21b55e13dc41cdfb091c5bdacd1958d04d928774a9cf38acfd8717251f584b3092d2b294f8005e8a2585db79b838ec0e4649ad8eadc5ac19ee71da7d15f10ca5c836f8f6d1fc7417ba8d85a217455bb1ddae305af4b1f049d2452ad177fdd8af8977ac3dfff1a2510e58e2a2b38f959aad8021962620247daf3c53b9382b05345ca8e58f793785e509bf36baa4b1b13bbf014a29b6109d46a379564d309e842e114cced97cc66918b2163714ab9a24b578193cd5fafb0ac35d2e94c1ebd042a8361d63ffff9d3945f75c5f22ef9d170a92e5eb7519e4adac044dea21d95983444065d5ed6a19018e1dd52dc5119cb826e72b452f50421df80c521ad64904afd9f7c02103e9636566cb3af52bbbf4812fb4e4a3ea4ea225e24fafe57b951343e9569c35753c0c28a68f8aa90cea051b6647a5662a889dbaf1c008ff9356b1ad2a89c0c4ad8c41e35e85a7940cd837471ff36c710ec9090b30c4a631bdef4be1a1994b44c2256f194c65b1d33b94a1f37fdcff57029ee561637c77ab8eb51f46b0f630c23a62e89c3e049a26d83be7cce053ef3cb5c2876eddd8b1a25bf9853482c4c81f0d4ca1844dcb5d782be36f6db309a6db8c6ed9363666933158ca93f392c2899e28ff86db789a36a4e45a5f18eac900139a514b905e346d1ae121ddf9b9da612cec7d75222961d0b6e7e2f501e6f4f6ebfca3ce50101f71e137c15c43e7344ef0046f937918041dc8e20e6b2a61deff9b67f22ce0c10d516238041be36d94df5934e83ed3c13d1b4701f98cd9691ddd93cb1e62b1cf3cf042d2982be46384b0ef66740a065037ed35c98d2290c219058ca0f843faccce977306a1eb7768d451804d509705154c1f81ffd7481c2e3420bfed925e1b17d47dd7f393e0d286528f945003fd7086e858f064c6a12d8df9a4bf6fff0f028bafde173cc9488d95174be60db2369f296a5e54baa054371130f52214be3ceb5693f52ef028bc1ef72ab6e3db7e102b458f4835e5e8602da013e420c44923038bb5edefdd0f60937593ae8f8cd2d6319a1d6b27bf92d318b8bb248be3fd1abbc5a3b81de68667231332c3cf68c30ce6022757858dd2e611bc017124ea007956d74698deb3b35013617f41ff9b042b72d71d6d7351d61b2575528054721895ead80e283d215b7dd119cef2cbfde41ff1cea469b6546e5051cc8fcae03fa8910212a352c37ece3dfc88833a0875045eaac507c3c22ffa231b2c4d783ccef0757954c5329a16121a3273ca6996fcf9ba04aaa17e8ac2f8ae46192bb8ba1ceebdee308fe8eb461574cbb74ebe524bb1e36d873244ebf07311678101885aaf16be6663cf9c1c430581f6d05c74b74884d88951086630c3921c3cfbf682b982c0e074a7bc3ad6ea042e1124d1d51e83ade5620826dbc52bc5db40e665cf64511341b3094cc0c72045c655dc81db32d785816886231be30156f41b2dba0e4f3d41f9434c9558b05020c579d4469f992470dcf2f00deb7c3913cc3add6292dc50e69589a745384e942ecfd5ffd67f6cd1e73bbf4ca8c40f20165c63c50fbaee6ecc3530103f86a078b0b238861a7fce4fd322aa06306b35d1e9f89fda871fa2fba2e41fb81769fcc74ade90b00ba6ac240cc336b6700c3394a3ec834f515e35b45eaa8a409be35023eddd11cbc91a1e2e26f40e261dc4b27969a637e4bcda5e4b8fabb03b1ea54b8ddbea793bd281d6aa461cd3b382519bf38c22b02af11c6249a69fef5dcedf5ac4a364a28f8a8bd2bc7f30675dffad9e9d8b31bb0ac990441e92af7112e73e178f73537057324bdc1788b26a1e67a07a68757cd885d1a3f0f01470d7fb7c510c0cbd74eb46e49de9ce4e6d3fd295cb3d98b04e668cb96764e2487468a8defdc98b99a641cd8cf11eaf27182fa6136df7e1674688912462636aeca3006204c6ab95873a709688df22b17bb3375768c513725ec26f39f73f69cfc829faf19f0f1fe821fd5a1e1c86baa72614bc3d258abad2e26f53e3305f19c5baf79b44dfad2e8e11740552411c5b1ad450792fa95137bf743fa9a195a95ac7c02906b178e14280b6662eba1fc55063a93971b7ffe1d446b0f716c7b40e50c620c07099e51d68ae0dbe957a9487185b03aa4a91db59a25372ea7ece4844a7c07a6e61f645eaf4b31257e80ac91bdbf6020037a357d22e8ba0dad472e08cfbf3d6ef163aba84e37fea6b4d35fa89ec74c99dc1e062ad159e28fa6fe2c89d20aaafc214fb0d6cb641c7c1733761d7ea12c8aa7d8e83a3288e67da8ca69df04332f0db217b66da8e3ca8bc23096d5739e8eb5429237ee7c70189a2672aa5d81d64abbeffcdb019153438d897b5d99163daabbb1a07dc1b4832b45cdabcb1f8d7a03cb0bb0175741fe8a2b86f29639d3101007a434409eecd44eb7539150c308a284f0461b9b54acae872acc6c42064f92dea6a30361dadb22b795540b5d9c2c0f247c9f28820fca81f2440a7216d61335c895777e0a518b20b9a900ee6d8c93c77068deae6742c7d903084b548e96673ceb589957fbaf7635d59493ba5e427666ba1b23c5649a25f0a751a16a7f3b637420faaa2998b557770a29a963f525cd29213b8fb90c0bc71b903cb89fa6d9b5aa0db161f13a9ac0a427383cc3cc7a6f67cc239bc64cc9b339ce2d732bef27a08cce55af9891be04203b98142f5ad5d484e59c34fa6758bf3847675e94bc78ea76bd1ea919599edb1c6829f64501c3d74ab4e1363f905a6a7e2d8f62a66aed0a7ffb96c56ce6f6d55872f2a49948cc6071ea401dc480ab584557f5b0bc2f42fe206db875bc97fc9bd28abe1e5be038a33c256e45bcf453c96d428d3745d3c9369e70704061713dbce8b8e7724d8818726ed54259b568ed3a7c380a0e24f0334e310c780bc9437acecf1cfd9254bf2432e33f8bb3b0e60fc781ac387045b6b358a10a513693b371ee810018be1cbb5437d5702804387b6f404842e38152bc66ab8d63c5e4ad6ea620fe3a3819ad13f155cd50f3c0c65fe9d5f1c995c8d9558a39cf87dfadd1436fb27d476b64a124bed6edebbfb94b30dff602d6f07b63d7e99d111ec1aa3b2538b291c7fe657b1e9e839562ee5e69f01502f7988f5d7c62806503d56cba2e79d2e340ebc659dc756f10297dadae8bda9fda9fe445234b6ebc5aff372ce255b30d1b60ef8e785b09a11938dc4db550ce394fdf5014297be4f6664de7d71ec38eb8e6f4b31038f25551434a697c2067c8c33c47144fda18776b38827679769a5455b189238b9b5ef808d5d3314283a72de02955e9d969d46b0eb70199e29f258bb1328f16f043ddd1d2c28d2d9979c8a38e03d0d51a9ad4f2ce9a006ae7961e8a068ff9e153c1fedf403e1bf642744be0367f23f6859c98338b2e4115ea4bcc65d62fbb965d50172bdbf0f3eabb95027b696059cee8d5d3dc9822f7e885d952009846f03c70646089a502be5cae7ab636ec4442de808e0c54d4388146c4ef98f4b0b92a2fc54329e6d1e83127712306e83d0ca17e6ef238f425fbee8f2d364049eec00627f8747e214331308b6c2749be723562d83e1334d3f417d65785670eef9945b7f956592b3fcc412b3f2e16af1de927048415b693ef5fd13ed12ee9175e9e2baf39b8d912d4d7ed12c2944e0735ac9b198ee447baa1e629338ba70f2b93b9b2a40408354a1d0e3adc7fdfaf9379552e751c4e361797187132fd6dfafaf65066ccc8475822ed653d6f42c4acfefbc482c7f3ef88c2222d813a93f21bb7c6bef58c2198ea5bbc767e6dccd99b21cc3d57cbf4169316ca748cfb45214f588459fa60728d058138146d931fecb", 0x1000, 0x10, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x6]})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:32 executing program 3:
r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @local}, &(0x7f0000000340)=0x1c, 0x800)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000380)={0x9, 0xfffffff9, 0x71, 0x3, 0x7fffffff}, 0x14)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:32 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = semget$private(0x0, 0x2, 0x48)
getresuid(0x0, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000380))
r4 = getgid()
r5 = geteuid()
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
semctl$IPC_SET(r2, 0x0, 0x1, &(0x7f0000000480)={{0x6134e6ad, r3, r4, r5, r6, 0x0, 0x80000001}, 0xff, 0x80000000, 0x2})
syz_mount_image$msdos(&(0x7f0000000080)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x9, 0x1, &(0x7f0000000140)=[{&(0x7f0000000400)="e2307bd4cdb81d76edd6a6dee8d592e83f1ed1beb84607c4a822cb1e36fbac07bb0f2cc90dfab95294aaedcee12646d3b88f0c6a32036eef2565c1303bd6f4112f756fe87bc9fd3715841619d83cb09f720ec56fa6ce0a1116195d976154391d489f5e0bdbc56767e8a734e1ab7d82b184ccb0bb10ce130ca9bf9d3c91c3e8f59677d1f468956ca42b5bb0ab49ce06f3b37aad4a5db271e8d529d443fd5f1957bba0b6d08e8959d9751da07c818f49899a4da067a5d0c1077ead4d9b3c9bf39159ca0fc1ec7c5a41f38c09b83ec6d5160b632674abe7a4af94a8689c84ef692cef26f813bf40bf21e5e2d72897066197a6", 0xf1, 0x800}], 0x8b85384c7e9dcd97, &(0x7f0000000500)={[{@nodots='nodots'}, {@fat=@showexec='showexec'}, {@dots='dots'}, {@fat=@debug='debug'}, {@fat=@showexec='showexec'}, {@nodots='nodots'}, {@fat=@sys_immutable='sys_immutable'}, {@fat=@usefree='usefree'}, {@dots='dots'}], [{@appraise_type='appraise_type=imasig'}, {@smackfsdef={'smackfsdef', 0x3d, '/dev/kvm\x00'}}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@subj_user={'subj_user', 0x3d, '.\''}}, {@dont_measure='dont_measure'}, {@euid_eq={'euid', 0x3d, r5}}]})
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r7, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

09:55:32 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:32 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:33 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0)=0xffffff7f00000000, 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:33 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
read$usbmon(r4, &(0x7f0000000100)=""/92, 0x5c)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x2, 0x4c)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000180)={0x1fd, 0x1, 0x2000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r6, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

09:55:33 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  951.222289][   T26] audit: type=1804 audit(1575885333.206:1038): pid=6147 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/879/file0/bus" dev="sda1" ino=16681 res=1
[  951.328781][   T26] audit: type=1804 audit(1575885333.306:1039): pid=6087 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/879/file0/bus" dev="sda1" ino=16681 res=1
09:55:33 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x0, 0x400)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=<r7=>r6, &(0x7f0000000140)=0x4)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000200)=ANY=[@ANYRES32=r7, @ANYBLOB="0300090000010100000700e5010bfb7f00090000"], 0x1a)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
ioctl$KDSETLED(r9, 0x4b32, 0x7e)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:33 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0)=0xffffff7f00000000, 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:33 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0xf16ae2291d313dbf, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x7)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r5, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
vmsplice(r5, &(0x7f0000000700)=[{&(0x7f0000000500)="449d6a795f0f2e8357dcf6ac776f172c7bc9cb97b72af3c57c30ff0749c97945ec487d1d6f0be92abde2dabec6f53a0bd56e13e1f6cf90adaf36151ad6df367fa5102914b646e99825b0b0334678e76b11cf1ac2fddd63bc85f0ec5bf60efead3600a25392f2d6b55b6d1cb103d7e9288c65e2f677d16550d8c992fff2edda38b09d4762463ef8cd71153b834a381501826317b8ccced90d0af9f41a2c48fb70b52c32637b5483f6191fe41a20a9a5bfb1869b4374b2ab695de46884af0ce2747a037e1138c8c2e05531fc585986efb845eb0d", 0xd3}, {&(0x7f0000000100)}, {&(0x7f0000000600)="6c97f57dec8e095a56084c9427f218bf9231f3450a54e55c249cf3f068d84ca60572adc46e33a691ff0abac882f791058130c6fefa8b0da4516d8fc7be9c491f956c84f740d6f2baab3b1d019ab2a3b86235723cad2086cc0284f3d95c4e53f41d14b6229f5892d5eb96f40a06b5323fe48fdc4b4479c6680d56bdd040167d0999346a8bb0e02c5c2a911408fb35a81b007477568f6bce25d9968df97b7b97dc78c8e4704681d27bf18108cbf57041cd147e8d6cb0e4da14a8b893fff377547994468b8aa6f12804602dd9dc945ea8dde0a0e06b1119b19b281ba7a5e010df21591b7bd707d9c94b32751577", 0xec}, {&(0x7f0000000200)="ac681e4544fe43c9cefc74ac688913f79f2d79856542163c0676e662fc410427be14e469a44b77380acb0dcb91052e423e5d82c2c4b62d3489489a152183e35fb91c78b9719ca9eeb72d85de95abcd46d925be5db47af36bcf3cd67e64dad7f1b0a21ac3f4e6533d1656f1e18466688f5180b34ea8325f248f4bce102037036c48c1f9497c0af4f18170cb8d1cdbd194e90300003fd618bd64d386b6cdfec46d5aff46acd9a3dd5bf627c2483ffcc1b1d81a", 0xb2}, {&(0x7f0000000400)="d0d45717a3f60699e3a5397ab6378ed9aa5156408fd277d85ca32077e32f546ca3308aeb3ebc6ed9e88b9c0429c78d04721103f81f222bb73f51e498ca3c97ee69", 0x41}], 0x5, 0x4)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r6, 0x4068aea3, &(0x7f0000000380)={0x7b})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
fcntl$lock(r8, 0x26, &(0x7f0000000080))
fcntl$lock(r8, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r7, r8, 0x0)
accept4(r7, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0xffffffffffffff2c, 0x141000)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

09:55:33 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

09:55:33 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:33 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0)=0xffffff7f00000000, 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:33 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

09:55:33 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000140)={0x10002, 0x0, 0x4, 0x1000, &(0x7f0000014000/0x1000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:33 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x72d5635f, 0x4000)
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r5, 0x80045700, &(0x7f0000000100))
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r6, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

09:55:34 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:34 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r5)
r6 = perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x18}, 0xa1a2e790cd3712fc, 0x0, 0x1f, 0x8, 0x800000}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r7, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r6, 0x2405, r7)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000063000/0x1000)=nil, 0x1000, 0xa, 0x10, r11, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r10, 0x2405, r11)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES32=r0, @ANYBLOB="34803a7858ca0cfffc2e8eedfe88e60c863b40cc79918fcb63817fca376c5359900cfc3ccd0c2ab0ca958a8d54b495a69bf73fb4ac3d2d4b445a08d3c4ceb9c9844039c89cf76bf8c37e7a619c80e35a0562c440fd8131ca4dbdb90bca01074d1ec5e89fb5d5ffa7bbf3e0344bbfccdc906d53c77bb652e5f6f4c02c0b5a815878f6264339c3047dbcd4f0562ff50b4289580f65e05c1dd7d0a25cfc35292dd561f22cb87365ae18a6b4e501efb8964f03770a9dcd86159eaab3030376eb7a7bd5115fcb49a3ceeca809fd66afc7c4cac48caebdc1271b6ed78cd0f9b3d231b26d06af511f92ac8ab0e9a32b15c502f3057ea423b7", @ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRESDEC, @ANYRES64, @ANYPTR64, @ANYBLOB="821dad156c6bb7ffa36da8262fad80b09ba43224b0f91b14a3df0338922f970e4071e91e17380de77b252eba3022a47a6fb09562b0deba9f8fc73d5c1297edb9468bf0ed5cd707a81cf4065ec6ebba711bee8db94c6cc931af501e4b45028efba207a13134299507e7a42705adb489b12ded90f9dfb8c7ab8e74ef05213690e42d751816a6830f802f2258a2a49c6ce30b1bbe8920d8f7be55b9544fa1754e4a4da8c3d87396b242cc0cf6abcbb0d5ce1a85c9cb5240aa7e8b415af582a00b8b5c0591eb10ac5e009da873be26951f23421a952d2039104414012822b1a1b3d630d1b0de0f9b0f00052c0839dea420d1eab8d72e"], @ANYRES64=r4, @ANYPTR=&(0x7f00000002c0)=ANY=[@ANYRES32, @ANYRES32=r5, @ANYRES16=r0, @ANYRES32=r6, @ANYPTR=&(0x7f0000000240)=ANY=[@ANYRESDEC=r9]], @ANYBLOB="220533d901b4265d09593e8b6476ea01372217e88168d7f4832d79c54d7471f8abd618b89ef01a70ed769a7b33cee28deeb3e942614731c719aca92cf17034bdc3112b9635d53806dd71155b0c63df", @ANYRES32=r11, @ANYRES16=r8], 0x8}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r12 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r12, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:34 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x29a1b168ab16b0d, 0x0, 0xfd)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = pkey_alloc(0x0, 0x3)
pkey_mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, r0)
pkey_free(r0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x2d)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:34 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
pipe2(&(0x7f0000000080)={<r6=>0xffffffffffffffff}, 0x4000)
ioctl$KVM_GET_REGS(r6, 0x8090ae81, &(0x7f0000000100))

09:55:34 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$TIOCOUTQ(r3, 0x5411, &(0x7f0000000100))
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  952.564416][   T26] audit: type=1804 audit(1575885334.556:1040): pid=6784 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/880/file0/bus" dev="sda1" ino=16767 res=1
09:55:34 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  952.721729][   T26] audit: type=1804 audit(1575885334.706:1041): pid=6817 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/590/file0/bus" dev="sda1" ino=16679 res=1
09:55:34 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0xd000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000100)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1e29c11a1ffea981dc0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee0276f1e7501245f13e5c26b586ac58f920b7a88a100c8d1b6b63ba3a098120488ff5bd8c254b6f73a5eb7e553"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
bind$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x2711, @my=0x0}, 0x10)

[  952.806538][   T26] audit: type=1804 audit(1575885334.756:1042): pid=6777 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/590/file0/bus" dev="sda1" ino=16679 res=1
09:55:34 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:34 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:35 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r5)
r6 = perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x18}, 0xa1a2e790cd3712fc, 0x0, 0x1f, 0x8, 0x800000}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r7, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r6, 0x2405, r7)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000063000/0x1000)=nil, 0x1000, 0xa, 0x10, r11, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r10, 0x2405, r11)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES32=r0, @ANYBLOB="34803a7858ca0cfffc2e8eedfe88e60c863b40cc79918fcb63817fca376c5359900cfc3ccd0c2ab0ca958a8d54b495a69bf73fb4ac3d2d4b445a08d3c4ceb9c9844039c89cf76bf8c37e7a619c80e35a0562c440fd8131ca4dbdb90bca01074d1ec5e89fb5d5ffa7bbf3e0344bbfccdc906d53c77bb652e5f6f4c02c0b5a815878f6264339c3047dbcd4f0562ff50b4289580f65e05c1dd7d0a25cfc35292dd561f22cb87365ae18a6b4e501efb8964f03770a9dcd86159eaab3030376eb7a7bd5115fcb49a3ceeca809fd66afc7c4cac48caebdc1271b6ed78cd0f9b3d231b26d06af511f92ac8ab0e9a32b15c502f3057ea423b7", @ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRESDEC, @ANYRES64, @ANYPTR64, @ANYBLOB="821dad156c6bb7ffa36da8262fad80b09ba43224b0f91b14a3df0338922f970e4071e91e17380de77b252eba3022a47a6fb09562b0deba9f8fc73d5c1297edb9468bf0ed5cd707a81cf4065ec6ebba711bee8db94c6cc931af501e4b45028efba207a13134299507e7a42705adb489b12ded90f9dfb8c7ab8e74ef05213690e42d751816a6830f802f2258a2a49c6ce30b1bbe8920d8f7be55b9544fa1754e4a4da8c3d87396b242cc0cf6abcbb0d5ce1a85c9cb5240aa7e8b415af582a00b8b5c0591eb10ac5e009da873be26951f23421a952d2039104414012822b1a1b3d630d1b0de0f9b0f00052c0839dea420d1eab8d72e"], @ANYRES64=r4, @ANYPTR=&(0x7f00000002c0)=ANY=[@ANYRES32, @ANYRES32=r5, @ANYRES16=r0, @ANYRES32=r6, @ANYPTR=&(0x7f0000000240)=ANY=[@ANYRESDEC=r9]], @ANYBLOB="220533d901b4265d09593e8b6476ea01372217e88168d7f4832d79c54d7471f8abd618b89ef01a70ed769a7b33cee28deeb3e942614731c719aca92cf17034bdc3112b9635d53806dd71155b0c63df", @ANYRES32=r11, @ANYRES16=r8], 0x8}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r12 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r12, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:35 executing program 2:
openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:35 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x10002, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0x8000000], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  953.381408][   T26] audit: type=1804 audit(1575885335.356:1043): pid=6817 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/590/file0/bus" dev="sda1" ino=16679 res=1
[  953.472907][ T6789] debugfs: Directory '6789-4' with parent 'kvm' already present!
[  953.559445][   T26] audit: type=1804 audit(1575885335.546:1044): pid=7326 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/881/file0/bus" dev="sda1" ino=16682 res=1
09:55:35 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x9)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000580)=ANY=[@ANYBLOB="d6751d6d4465ce55e1da4200cf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7decda4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71c4311c077251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532ac01545b8d4e3d02530b59b8ef20a4cbdca103931f22a9f1e3e79f32aaab3cf508adacdd01cc2a1cdda6491e013cba36699389ce145279b5409d7f974d347165049865d2cf7594f718a62bcd1c15ae8248c37711ecab700fd1b35cc"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
r7 = gettid()
tkill(r7, 0x1000000000016)
r8 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x8, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r8, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r8)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r7, r8, 0x0, 0x11, &(0x7f0000000100)='$%vmnet0vboxnet1\x00', <r9=>0x0}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='trusted}#\x00', r9}, 0x202)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r10 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r10, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r10, r11, 0x0, 0x8482)
write$P9_RREADLINK(r11, &(0x7f0000000100)=ANY=[], 0x0)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
r13 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r14 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r13, r14, 0x0, 0x8482)
connect$inet6(r14, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @mcast1, 0x3}, 0x1c)
r15 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r15, 0x0, 0x8482)
getsockopt$inet_pktinfo(r15, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:35 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x80202)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r5)
r6 = perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x18}, 0xa1a2e790cd3712fc, 0x0, 0x1f, 0x8, 0x800000}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r7, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r6, 0x2405, r7)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000063000/0x1000)=nil, 0x1000, 0xa, 0x10, r11, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r10, 0x2405, r11)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES32=r0, @ANYBLOB="34803a7858ca0cfffc2e8eedfe88e60c863b40cc79918fcb63817fca376c5359900cfc3ccd0c2ab0ca958a8d54b495a69bf73fb4ac3d2d4b445a08d3c4ceb9c9844039c89cf76bf8c37e7a619c80e35a0562c440fd8131ca4dbdb90bca01074d1ec5e89fb5d5ffa7bbf3e0344bbfccdc906d53c77bb652e5f6f4c02c0b5a815878f6264339c3047dbcd4f0562ff50b4289580f65e05c1dd7d0a25cfc35292dd561f22cb87365ae18a6b4e501efb8964f03770a9dcd86159eaab3030376eb7a7bd5115fcb49a3ceeca809fd66afc7c4cac48caebdc1271b6ed78cd0f9b3d231b26d06af511f92ac8ab0e9a32b15c502f3057ea423b7", @ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRESDEC, @ANYRES64, @ANYPTR64, @ANYBLOB="821dad156c6bb7ffa36da8262fad80b09ba43224b0f91b14a3df0338922f970e4071e91e17380de77b252eba3022a47a6fb09562b0deba9f8fc73d5c1297edb9468bf0ed5cd707a81cf4065ec6ebba711bee8db94c6cc931af501e4b45028efba207a13134299507e7a42705adb489b12ded90f9dfb8c7ab8e74ef05213690e42d751816a6830f802f2258a2a49c6ce30b1bbe8920d8f7be55b9544fa1754e4a4da8c3d87396b242cc0cf6abcbb0d5ce1a85c9cb5240aa7e8b415af582a00b8b5c0591eb10ac5e009da873be26951f23421a952d2039104414012822b1a1b3d630d1b0de0f9b0f00052c0839dea420d1eab8d72e"], @ANYRES64=r4, @ANYPTR=&(0x7f00000002c0)=ANY=[@ANYRES32, @ANYRES32=r5, @ANYRES16=r0, @ANYRES32=r6, @ANYPTR=&(0x7f0000000240)=ANY=[@ANYRESDEC=r9]], @ANYBLOB="220533d901b4265d09593e8b6476ea01372217e88168d7f4832d79c54d7471f8abd618b89ef01a70ed769a7b33cee28deeb3e942614731c719aca92cf17034bdc3112b9635d53806dd71155b0c63df", @ANYRES32=r11, @ANYRES16=r8], 0x8}}, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r12 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r12, 0x4, 0x42000)
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:35 executing program 2:
openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:35 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r5)
ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f0000000080)=0xfffffffffffffffa)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r6, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
dup3(r0, r6, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockname$ax25(r9, &(0x7f0000000100)={{0x3, @netrom}, [@default, @netrom, @null, @remote, @remote, @null, @rose, @rose]}, &(0x7f0000000180)=0x48)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r10 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r10, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)

[  953.796658][   T26] audit: type=1804 audit(1575885335.766:1045): pid=7219 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/881/file0/bus" dev="sda1" ino=16682 res=1
09:55:35 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8482)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x1000], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  954.034575][ T7552] kvm_hv_get_msr: 142 callbacks suppressed
[  954.034587][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000004a
[  954.049570][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000002b
[  954.058300][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000076
[  954.067150][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000000c
[  954.075871][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000057
[  954.084653][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000038
[  954.093698][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000019
[  954.102429][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000064
[  954.111292][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000045
[  954.120116][ T7552] kvm [7551]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000026
09:55:36 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  954.219250][   T26] audit: type=1804 audit(1575885336.206:1046): pid=7792 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/788/bus" dev="sda1" ino=16806 res=1
09:55:36 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  954.337123][   T26] audit: type=1804 audit(1575885336.276:1047): pid=7792 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/788/bus" dev="sda1" ino=16806 res=1
09:55:36 executing program 2:
openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:36 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:36 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000100)="66baf80cb870527988ef66bafc0ced400f2134f236660f23aab91c0b0000b8be000000ba000000000f300f20d835080000000f22d826430f078f2978c30d00500000460fdaa700000000660f38829c3c72ce0000490f38f6be0a000000", 0x5d}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r5, 0x8983, &(0x7f0000000040)={0x2, 'ip6gretap0\x00', {0x9}, 0x7fff})
ioctl$KVM_ENABLE_CAP_CPU(r6, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$VIDIOC_DBG_S_REGISTER(r3, 0x4038564f, &(0x7f0000000180)={{0x7faee5a61a6e1943, @name="9ad90763a7758bae616ba91769f5bca1ec59e3632abe7435d4ae92b8d8276f56"}, 0x8, 0x401, 0x800})

09:55:36 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  954.951830][   T26] audit: type=1804 audit(1575885336.936:1048): pid=8032 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/788/bus" dev="sda1" ino=16806 res=1
09:55:37 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  955.021091][   T26] audit: type=1804 audit(1575885336.936:1049): pid=8033 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/788/bus" dev="sda1" ino=16806 res=1
[  955.143244][   T26] audit: type=1804 audit(1575885336.976:1050): pid=8023 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/882/file0/bus" dev="loop5" ino=451 res=1
[  955.277864][   T26] audit: type=1804 audit(1575885336.986:1051): pid=7821 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/882/file0/bus" dev="loop5" ino=451 res=1
09:55:39 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468a4c0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630a2d8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
r7 = syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x635f, 0x80)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000340)={0x7, [0x0, 0x0, 0x0, 0x0, <r8=>0x0, 0x0, 0x0]}, &(0x7f0000000380)=0x20)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f00000006c0)={r8, 0x81, 0x30}, &(0x7f0000000700)=0xc)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:39 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x4]})
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
r7 = gettid()
fcntl$lock(r6, 0x24, &(0x7f0000000080)={0x1, 0x0, 0x4, 0x80000001, r7})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:39 executing program 3:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:39 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
r3 = creat(&(0x7f0000001400)='./file0\x00', 0x190)
splice(r1, &(0x7f0000000280)=0xff, r3, &(0x7f0000001440)=0xff, 0x80, 0x4)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r6 = accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000100)=0x14, 0x81800)
ioctl$sock_SIOCGIFCONF(r6, 0x8912, &(0x7f0000000140)=@buf={0x1000, &(0x7f0000000400)="477f69ba9797cee4949cad303d9efbbbe9637d8409c63b47ac6303a84e40f5a88337ef20f4b13ac22082235979500fba2f2b23b49371d2bbaa593694e5ae963f1877ff237a2296a6ae5c8580f1f3a9b1119be688f75de65a496bc5393b551d3b9b4390ef86480075e863e7ca8e985dc160ecca51631b0741b0c75d3e599b601f2bae4d967d39e7582d16590bda8b9d0f59a1fb1a3f213b06617982884fca8baae19f1844ec40b361626533a58398113b55b3a05dce5bd764886a757fba46ac7dc3957a2747370838503b7da98b29765bbcd59999294a0e2263db02bd9437e35aeaf7a16b44fab1eaafcbbb9fc58122e8ec8b7227ebbfe30b7fb90de8adf6acaed7ce2c418f9fe5445712f6ca3a00d968c8b6bcc7c7e63feec108a97284d57f7152245fdaad68c394b2594502d09f8dab4dca152049fc9003c783a8471bf5cad57605339a0ac37dd221cdbf40c7e352437e66af981c1aa9aceca1ada2a24aa01b9ecd3b74296fdab551e2725b070d5e329156884a0ebfcda3496c896e5497655d493b664ac1259edfe4ba66c36afed5c9ccc1976e8a3a9a01f27ce5e480eecdb42173ea8bf03f292cecaedc5553d1c5d7bb5870f0ef217b10fa2eee8ec0ec59311af06982f0d0f14aa5514abf86b1b476cb4b3f857897890e1c129159a7afb3230ba4197a042f64025f5196b5fa0515fe3d05c3581c64e5544bc248cb40138619173291c301651496099f3df778e2a22bf40b2a124842b17801febae0e3e181a2cf491f369104f36b19c5463d56a466fdb369d74aef8da6e8022f4d3888dd8a042547595d68462d4cfe0cdbdc83b07f793f3a3a43c4ee537ef7658d64f544f199c3e820472feafe3e489ad2ea409e068a7e1b52443a65b78719548ac09bfdb6e26a80767cfc4881ee256dc502be635294886cf0fabb93e049381a4e4b72013eee41cbe5129021e1495e78fdd7d72aa0df5008fbe1e9d79a7298b2e717aa700c611b4b48f638ef966374e2f97c261eadba1de441cd9df811a1120290a45ae6d1df2519e1bdbe60efb725751e6be544bf0cc407bf589b4036c67ce1d9e68086aff69d564ab098cfc548ba7e67cb64514edccdb790601fd9c99c017e1ef83d255f66c16f337149507a02b37ea7450a593d3d7768e34981a02756471b82db743afe51f454d51c45a07855b3bdce12b9aac57690986e441c4b52ac060cf589d32f5e57476c7ccae3aa32aa91ed2fc764cfacb9507fafe72e6ed9c047f20c56c0bf0f58aedef6ffadfefa69e15e565a6029a803ad80a0c0798c4c4971cdb4e0f88938c89abc07fabd39660217f85b152fc445bd54f163012c3acdceea0b1ba02277453ead8b7c2551c48ceb540b0def2509a39eb8a39657b60692dfd0fd504d148c7bf7f6842f03f23cd7f55c79c5faa330b09da1bc876cf85862e2330a599e5ab2f9e180ae93b098c56c237458372db8465e6a4f0e4739d213e0c076a80c28b8bd8268cc3639813010246eee4c3ea5a9f29c2bb201f4ac08d35f971445d84ff4bd7d48e290e3e879e5a386a8ded17de08a383c57b8acf1802af5c417fb890f253fc3dca9225c70a930e25c4b44036e6b765b5362727ec40c942333a94bce12a9e5717c036fb641eb22daf2858d2f62fb27bcc2c28629e58d53e6fc992f97df37ea2ece4a06dd0907a6d94a564daa379178027803d4ffcbe911b75e67a45c5159205e08a5753893ec2a791669bcf55b3e2801c359ffd0b78a084ba63fdfcca9ecdbec0d1e2f20939f38f5b84c95000fb166200463e67eea97d3861010aac438fbe21ef26986ce178ddaa2c05b30e131c8fb9249e97b907c87323705d55c70e29ec5a779b698058028687754a2702433466577a04d0e04d77942b237707ef0988c7ad2c14494beb20cf88a840c32b1bd94b3ca424fa1e97e28afac1f6781c451049081d693a16845c04673af437ec7ed61741b90943a827b4a73cde3db6a3c4193cadd1cc296e3c8148797d6b25090d86ce623e9e5e7b937e21379210e0869a49df978b11697a26e8505a999b96841508afd61be66b94bf9545a52df564cd67d67f0cf4ae47f9ee2751bbb494c976cc02106daae87555c6602c5eac0087513b61a4d81b0a24fff7eb584722d05963a2cd295df9a8ebfef9a1feb8267850176f898e92fbac16be03b24fed69d096cc0f4fc419f73e3cc88fa525ba88ccb76d104a80d3a3fd566a1e140141d8c10e24c95ec41635f1d4defbb86bb484751f2bd39bfc25d6d257c12f61451370eb0367994c93c18737dcb00b70b6edabe8f66d10c708e954af1e251824395d220789eae7c9762fbd1e4dada3b59a106e95850a67faae3dde8c7cebbb38c6fe1bc2f190fe5332ff68f1db742ec9b741eac1c8aa08496ea2e057ac8d0321d859921ffdf864a2fd536d069c38823997bc9c095427767904dda0ae0c22af42a37b69e235aba41f4c34332bc6243ab77984f64941ba915a69382de1e3e964889ddb8704d38d80eddd7104436cb348cd19b810b5c9c75721701642aa06bc8f740f936d9b4303908709b61328fc136c94ddc5d3d4266bd1a145a4944e81c607425cb711149c1d10f2caad1933fa61e2bea8cbb5d6bdc8b3971d94f818e3ee08ff47c7395dd52026e9fe0c6c154a367a9ca9a6248b9756e7476e72f81fa4ce38e91ae2e36ef7197990702d87ec6815fd9b47b9ba87de8814c423edcb169e95a03a4d0f5a9597d83ede522842bf7cba535f53ea6513a20b29b6005f03b23dc6a4ee426f82bdece483438602c7ea66347f8e2c9a501a2c4308adab0abc972d20849690c2b0c3f5d2fd8dbacde6e44633e7568f81b9108609b4e0cd1e006c8a02b58320f6f01b524f316fcc97c67c5d775795c02ffc778b7dd7508568827dbd83aba927b353a739eedff6f78c0cae3eb651d5193d88d258bada1f840e545b12ea4abe50825a9d4ae27df20ef09d1994582623a108b7a875c77ec5dae5a74e33e24d3b05cbac0f4a5095ecf5073dd407ed8007b76e4f996544a9a58cf9a882c34df8ba8a0386cb479696ab6155a124e834735e93a3afaacc0753fa74142ade56763a0eed207ab8ac97d6d8ea59efaff59a5e1bfec18479b17b643af4290a9a709c2ba862d4d5688b3b47bd878796e07249376bdbfe48891b0dab8c2ceab1d61f8e58b8eb5ea1ea05141c8ecd58190a44c0d61ea70f6835ce6dcdabcb995a63d0017cae449b44baa1846ce7d0360fdbd0b8cc6cc50bb8c8c55a989002bcef630950a93fff523ffa7fe020c4a3e26f2ea64fcd3365b3bcb7deb057d4d4982a08d0ee090540731fce7e0cda2643b72a2a8f5d91c44346db9c47ec4cd72a3cd270f308e0b3ff380d9b35f6a54c46df2913f18cbf66f3168165c69172060337a1349097619f9b14f9929cf5cbb35b9012a4962fe2c6705de7bd272947ec5ff5a432eaef86c015b4c84bb7ecfa2ea79d5815303934d2da93073881603ee46de272d38dfe9995d3382f6999d8655237603e44d0fb38d54e97606ccf6282b6207fa74bbeab32524ebf5d4f92849e2bb9a4d719ec0d29a06295d6706219e8306c987eb7afe50b132e0194f00e0d3c2fc41e48c72e3350d098a9aef6b5cb3a6d46e3e84da275a71edc57c9a5ad489e2ea2da9755a778eec5ca4f6c6c3d788dcbcf60898c4f3ad66e061687b28acc4e12a2cb8c704cc8348886f983a5c822ed97344413b43d34e0b2bb43622deb895c097ee0b93ff85a9ea0e3fbbf99090d472aa4d94cd6a7ad35d71a56cdbb44969879920fe5efeae26c7acd13f7524d77154fb1bffb358ed0ee4358daeb22af951b56dced0f388b111337d8cd6d3e0336a2c5044edb9c078d743aae76924199275d23fb9bb68ac11df6410422c184ae338de24befe2f192d9b5b2d8d552b803561de40bd1a48f702209d5f5fe6a2946f68f124fd4832d90260c16c0ed5e831838e2d28a5c386451fdf0f9e4b27b567b72383058dea8b96349dbb3a56e122a220d78c1f4ddd45a96e9d1731d24d0d4a358d4cb0954a0a6e40021da247c39617049f75b23e87ace5d25498d6d6e5c5620587809abfd3f6c71b9668913cba4353a251acdcd442fe47d09a1a5ce640c378884295eb65e53b290a18a9df313e62f8929c1fb1d13f7f32664d09b9ad71e9c7bac6b7d11bc18b6cde3e7acfdece2755f179d5906dbea8a931095318a2467331eec7c4583bf6e02416bd5127fe6589334b882f9942d52dd28b6e477512fdc68e30b2d505b9cd0571222ad91660db56e8a79f6d9826e84792175902610b08279e14b326de9a0048f7f06f22f8ace3a1206311526afa7f9c366c4f8d6a9c815efe3572d50b50d2fc662eb93d422041c053ed0c47fa0871389b4ac2f2a5b15cad19cb4b3a941ac198305c93c20327a64736941749e7fd07e9ca40db0947ffafc9b8b688a63e392a01ab35838778f026e6a636c883c27e4c45d9fc289ff22c2b269f0749251a1b591d26a14288e0d8819b98026a2cc295db40b3b7f6754ed6f7013a816f5916ba690372e0cc2e6b212899968b9cf1e48ae3c558f026c6e968192aa984cbed1ad1a9017cf73d34074fc5252cc6af5eb364cef665ce00cb90e2f7f61a08be337c2e103fa7a5e8dfece1eeb20ff7b84bf60318cbb397ead6aa55d5ff2e59fc9a8997da4035a1fc8f9010be3221efc921f5af8e89fa0823ecaecf80c4d58b90619757b33f140db0fa74d4c19af07407b28fc7b87f0d4693c9806f388ca48bcb3105f8388a6536a6f07ffadcdde27aaa8bf8ae62b99b51f9f321e9c93ab69f853c462f30e1eb2b0247171de7e14d46e3b14c02c06f208b4522d2a0a58d9dcab9cd11ac0ae27a76b863f6d44fce4677936973f860038bc4b9735a2de6cbd0254e1bc20d9f4981b5d599bc116d0f06daf621989d664ed5c778a30451e78a9f1d0c36b0b780aae0ee58b803a4ab6ccdfb30a7c25dd0f0d117129a1b47123ead6e5c9ac498a0f8007e77e0fcce44ef89b7286f04bcad42a6f5afa18c5dcbb56dd6af8967b78f84aaf111b9b5797d2af1a72f8c08474083723ef41432d683ef20e8b4225cec8fb39fb75a4aea1458b30f5dba2aa46d8586ca8254260d729a4fcba34a0c6b5ccc29a1381fa9295bc6213343f96358ed40cba2be3907fc87227af196a18826f9f75aaa0a73f2a0048be99ec7f2ef36c6cb674d3bb86ce4997be616c01cee011ffe279edac988421460f97baa11b4d682e4a62d3c695d145381689992b12783359090601f86bc9a01741d5fe86e3619caf66a8a5cbe1c986bda25c58e80355bc39f1284594ef1932a378dc068a1ceb5fcfc59a6098e4be42fca4b7317204bc21b7af791139ff2739de2ab40189b1e2f9fd953b0f7f3c5b6f4d07e70f8113f296ec01f2272231bc3b5f7614009c793134a7ce775d1b8fb21cea426aebc95495db148bc7bb073fb64f7fbb0b6cf4767872be2f581a083eb2de20a73bccd903758b4ad2c2cb2624107fb25a94783ef401083277fc18b0fcaffff5bf47b30de82fb322e766c9e4ec917baba446abbb79637b582f163cdf721c120c960752f298947ea05e075fe362d41a5336b5b1d72abb5b99e0b6e31a349f77ba0058546dc16ac0f0d49dcd32ce858f13064e3431eaad6e6ee2be25a13a7a5633c2bbce424b5654aabe2958da4d539804c276ca83fcd371c32c09dc97b219139b8d5577a35b27ac0df76d05f6c851f34fd11c206809443231e06bb4a87f9205968b3d08f335d2ccfe95a098590b0d62303d658671aa9dc90bc96e69b15276daa3f977f4c40774a93f55d"})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
pipe(&(0x7f0000000140)={<r7=>0xffffffffffffffff})
vmsplice(r7, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
pipe(&(0x7f0000000140)={<r8=>0xffffffffffffffff})
vmsplice(r8, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f0000000180)={<r9=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r7, 0x80082102, &(0x7f0000000200)=r9)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000180)={r9, 0xffff, 0x4})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)

09:55:39 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:39 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:39 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
syz_open_dev$vivid(&(0x7f0000000080)='/dev/video#\x00', 0x0, 0x2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
uname(&(0x7f0000000500)=""/4096)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
socket$inet6_dccp(0xa, 0x6, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r7, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r6, 0x2405, r7)
ioctl$MON_IOCX_GETX(r3, 0x4018920a, &(0x7f0000000180)={&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000001500)=""/4096, 0x1000})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r7, 0xc0406618, &(0x7f0000000100)={{0x3, 0x0, @reserved="5bd10c2f7059d15b7c3622e6abaa2fad6bf0f7d9eef3635dff89170bf80fc7dc"}})
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:39 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8482)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x1000], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  957.541492][ T8524] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  957.574802][ T8524] FAT-fs (loop1): Filesystem has been set read-only
[  957.581583][   T26] audit: type=1804 audit(1575885339.566:1052): pid=8651 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/883/bus" dev="sda1" ino=16679 res=1
[  957.622500][ T8524] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
09:55:39 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:39 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
ioctl$EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f0000000100)={0x3b, 0x18, 0x2, 0x0, "4a7e656e5ed1c6d77520073f75fa85d13eefc58b898286dcad6ab0c74a25948c"})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a1039563fbb87b2e85cd120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000340)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:40 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8482)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x1000], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:40 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:40 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:40 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f0000000080), 0x4)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  958.395605][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  958.395699][   T26] audit: type=1804 audit(1575885340.386:1055): pid=8914 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/593/file0/bus" dev="loop1" ino=454 res=1
[  958.567380][   T26] audit: type=1804 audit(1575885340.426:1056): pid=8914 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/593/file0/bus" dev="loop1" ino=454 res=1
09:55:40 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
r8 = socket(0x11, 0x800000003, 0x0)
bind(r8, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r8, &(0x7f0000000040)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x97a73c6a00f90940)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="d00800002400ffffff7f00000005ffffa6fffff7", @ANYRES32=r9, @ANYBLOB="63031000000000000000000000675e70cef7000000000000"], 0x3}}, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000000100)={@rand_addr="d1130fbde556132d482724fade4f340a", 0x23, r9})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(r3, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000080)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:40 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x0, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:40 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8482)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x1000], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  958.780888][   T26] audit: type=1804 audit(1575885340.766:1057): pid=9038 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/884/bus" dev="sda1" ino=16823 res=1
[  958.985643][   T26] audit: type=1804 audit(1575885340.966:1058): pid=8915 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/884/bus" dev="sda1" ino=16823 res=1
09:55:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYRESHEX], 0x12)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r7, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
fcntl$dupfd(0xffffffffffffffff, 0x0, r7)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r8, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r8, r8, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$sock_bt_hidp_HIDPCONNDEL(r8, 0x400448c9, &(0x7f0000000140)={{0x1, 0x1, 0x7, 0xff, 0x7, 0x4}})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x2, 0xa9, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r9, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r10 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r9, r10, 0x0, 0x8482)
ioctl$DRM_IOCTL_GET_MAGIC(r10, 0x80046402, &(0x7f0000000100)=0x2)

[  959.111674][   T26] audit: type=1804 audit(1575885341.096:1059): pid=8914 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/593/file0/bus" dev="loop1" ino=454 res=1
09:55:41 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x0, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:41 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8482)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x1000], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  959.250878][   T26] audit: type=1804 audit(1575885341.156:1060): pid=8914 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/593/file0/bus" dev="loop1" ino=454 res=1
09:55:41 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:41 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
r0 = socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000100)=0x1, 0x6)
fchdir(r1)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xc0, &(0x7f0000000640)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x5, 0x7, 0x4, 0x2}, &(0x7f0000000380)=0x8000000000fff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x47)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300), 0xfffffeba)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r7, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
write$binfmt_aout(r6, &(0x7f0000000580)=ANY=[@ANYBLOB="a92fb09e4b0201bb2af7f81dcc117ad95973f7ba3f9d0a1f9f56695c7294612cdfd9ff52faa5c3906d76084b170f337140b7d0fe6eba6255355f20168f319f8ef6ff98484aeed34ad3144578c64b6e6b83613b987ce20e8b136d28df422885cfab"], 0x224)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083005b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f3b6b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468ac05159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc96888bcf6f7c8f9660b69875b2f54a9710f17006c1dba847d7a3a0a54929ccbf22265008ca69be386db40f5077182d2cf1a8815ede43d067d799b052e5eea113f51ea063d8d92114f6f6d5e3ff74467e1478d85ac8c76e93667667a488a18"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xffffffffffffff19)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:41 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x0, 0x2, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:41 executing program 4:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0)=0xb006000000000000, 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:41 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8482)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x1000], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  959.874122][   T26] audit: type=1804 audit(1575885341.866:1061): pid=9756 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/594/file0/bus" dev="loop1" ino=455 res=1
09:55:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r7, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r7, r7, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$UI_END_FF_UPLOAD(r7, 0x406855c9, &(0x7f0000000100)={0x8, 0xd, {0x2a, 0x6, 0x1000, {0xfe00, 0x9}, {0x8, 0x8001}, @const={0x6, {0x3, 0x0, 0x49c, 0x3}}}, {0x54, 0x6f, 0x5, {0x7, 0x7}, {0xff7f}, @cond=[{0x0, 0x7, 0x6, 0x6bf, 0xb10, 0x4}, {0x8000, 0xac19, 0x7f, 0x5, 0x6, 0x6}]}})
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
r8 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000400)={0xc, 0x70, 0x5, 0x1, 0x7, 0x1, 0x0, 0x1, 0x40, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3815, 0x5, @perf_bp={&(0x7f0000000080), 0x1}, 0x10, 0xffff, 0x3, 0x8, 0x4, 0x2, 0x9}, r8, 0xd, 0xffffffffffffffff, 0x2)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  960.039619][   T26] audit: type=1804 audit(1575885341.996:1062): pid=9855 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/885/file0/bus" dev="sda1" ino=16840 res=1
09:55:42 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x5, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  960.195240][   T26] audit: type=1804 audit(1575885342.106:1063): pid=9678 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/885/file0/bus" dev="sda1" ino=16840 res=1
[  960.345227][ T9639] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  960.427234][ T9639] FAT-fs (loop1): Filesystem has been set read-only
[  960.483995][T10010] kvm_hv_get_msr: 65 callbacks suppressed
[  960.484058][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000004a
[  960.496070][ T9878] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  960.499618][ T9639] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  960.522979][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000028
09:55:42 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r8, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r9}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r9}, 0x30)
r10 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r10, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r10, r10, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r10, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r9}, 0x30)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r11 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r11, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r12 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r11, r12, 0x0, 0x8482)
getsockopt$inet_pktinfo(r12, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  960.542364][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000007c
[  960.557878][ T9878] FAT-fs (loop4): Filesystem has been set read-only
[  960.564964][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000086
[  960.577180][ T9878] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17)
09:55:42 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8482)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x1000], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  960.588047][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000008
[  960.593029][   T26] audit: type=1804 audit(1575885342.576:1064): pid=9853 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/594/file0/bus" dev="loop1" ino=455 res=1
[  960.607324][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000012
09:55:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0xffffffffffffff2e}], 0x4e5cc36b9eff8db, 0x0, 0x0, 0x231)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  960.643308][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000001c
[  960.652056][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000026
[  960.662934][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000030
09:55:42 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x9}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x800}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xfffffcaa, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  960.758166][T10010] kvm [9995]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000003a
09:55:42 executing program 4:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
r0 = socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000100)=0x1, 0x6)
fchdir(r1)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xc0, &(0x7f0000000640)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x5, 0x7, 0x4, 0x2}, &(0x7f0000000380)=0x8000000000fff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x47)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300), 0xfffffeba)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r7, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
write$binfmt_aout(r6, &(0x7f0000000580)=ANY=[@ANYBLOB="a92fb09e4b0201bb2af7f81dcc117ad95973f7ba3f9d0a1f9f56695c7294612cdfd9ff52faa5c3906d76084b170f337140b7d0fe6eba6255355f20168f319f8ef6ff98484aeed34ad3144578c64b6e6b83613b987ce20e8b136d28df422885cfab"], 0x224)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083005b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f3b6b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468ac05159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc96888bcf6f7c8f9660b69875b2f54a9710f17006c1dba847d7a3a0a54929ccbf22265008ca69be386db40f5077182d2cf1a8815ede43d067d799b052e5eea113f51ea063d8d92114f6f6d5e3ff74467e1478d85ac8c76e93667667a488a18"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r8 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x8482)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:43 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:43 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x11, 0x0)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000140)={0x80, 0x5})
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000100))
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x10100, 0x0)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  961.615102][T10434] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  961.639661][T10434] FAT-fs (loop4): Filesystem has been set read-only
09:55:43 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  961.670441][T10434] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17)
09:55:43 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:43 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r8, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r9}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r9}, 0x30)
r10 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r10, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r10, r10, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r10, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r9}, 0x30)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r11 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r11, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r12 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r11, r12, 0x0, 0x8482)
getsockopt$inet_pktinfo(r12, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
socket$inet_dccp(0x2, 0x6, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r2, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x5}, 0x80, 0x0, 0x200000000000df8, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r4, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r4)
r5 = dup3(r3, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = creat(&(0x7f0000000100)='./file0\x00', 0x4)
ioctl$RTC_ALM_SET(r8, 0x40247007, &(0x7f0000000140)={0x0, 0x1f, 0x17, 0x1b, 0xb, 0x3, 0x0, 0x13e, 0x8000000000000000})
ioctl$KVM_ENABLE_CAP_CPU(r7, 0x4068aea3, &(0x7f0000000380)={0x7b})
r9 = accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400)='TIPC\x00')
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r11, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x1c, r12, 0x1, 0x0, 0x0, {{}, 0x0, 0x4109, 0x0, {0x14, 0x18, {0x0, @bearer=@udp='udp:syz1\x00'}}}}, 0x30}}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r10, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB="570000002dc42a6c603e7f8f761b6454679f2fd4263003f59a1701dcc61e7ecb39896f8c118cd9e206c27a9c60929ff018e1725849140798564d846fc1928f4ee57f1662ec6af0a233e44ccbb6c2d21eee0282da3a63566f439f3a01d34b05d0bb8e7aae79acfc3a890fd47b24b1de7de74e85fc532859350081cf97575042835736aed22a73221e26dcc47cb4acd6f43a4028f4c51981cda6d7e4bd1d5bb46b9298", @ANYRES16=r12, @ANYBLOB="020025bd7000fddbdf25010000000000000001410000001800170000000400006d997564703a73797a3200000000"], 0x34}, 0x1, 0x0, 0x0, 0x2008000}, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x44814980}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r12, 0x200, 0x70bd2a, 0x25dfdbfc, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
fsconfig$FSCONFIG_SET_FD(r6, 0x5, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r9, 0x10f, 0x88)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

09:55:44 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:44 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x7, &(0x7f0000000b40)=[{&(0x7f0000000340)="2162a491029ae0163b974b4365e99b685217906d57fcb19d0bbc5db23e5097b9f00c12e31934d5d02e045d39ea72d9cec6b558119936759d2182f3f2b0468375c6399bad9f2572d9c7f5f0de878f5c956889951c91c8", 0x56, 0x1f}, {&(0x7f00000006c0)="142b32fbf7456b4b9f7cf3b7132fbff556184ed762bae8fbe22a440c1f6ff539eaa8fe3138cde84b684ae174395e419ed91a83d1fc4fa90a4c320a2d5a733d3231a87bc8045600a22acba96bca2600cc8cc5ce40e4ae5bce7359f6f013bbf1bc08f6ebe3487192a0f8c06b4082b91c1ecfe83fd6805305d477d2c738d80922e9bcdd80f18f39007961f1e612157054d3a2a1a3a4", 0x94, 0x4}, {&(0x7f0000000780)="ba218164c3a7ec888d45d456c30f4da3faa92e778debfec6649ec53e3f3702246e5ba34a44db2bca471ce8db55657f992b4ab498e6df3dea3714dd00483c25f410cd622f4d059c2b622d62ac4566a04d2ee1a73227a12c457a640e4855237713f7f29ab18654b3359b0ff6ea3c06e8e047b473d452fe709dc65c2324454af176987aa39c35fea1305e0ad3fb9fcce198ff6f75a55559013830d0c7c3e8e3b194cf47833155", 0xa5, 0x6}, {&(0x7f0000000840)="0b46e4afec3be586aa5a11eaa44ed302a9d99758c27d2b577751c59760b37678d2146fcbe223a17d370f5d27017ad80f8390f042bf0772d90a3e203329afa69d774c6848d56a56d226db6080878ca8cb8dfe52c7fd121d646f15082e48e4d2aae215a27da4dbd4d6d4ca2cdfd99008a947735a224d3918289f65616ec14f676c5c4a7bdb2e1ad8755141ddebb611c75f5078afafbcba9182799a55b25a6f8a19bbde54bb94bc5d56b7b22fbfcf539322c036dc55d32dfc93884803d1d77dffee5f90bac2565cdb351ad86c43a2f30ba78847c3", 0xd3, 0xe8}, {&(0x7f00000009c0)="e091f9f4734f4eb083ed7c6afcb4f942f7404899c14fd58bb0b5f81b1c939de6d0f6399db0d8a27357d7e0c6be6de7fd60087602abf08e0321377a9ad68d0ce1eaba1fa125cc4f6bf23d21ad8fa09df91b9b725afc587ceb5219da68e00e8e5fcf632378cd71657c1d4910b324c1f22f7959b1e9aa5696a248a78904ce572984de", 0x81, 0x3ff}, {&(0x7f0000000940)="e9f135e44812f740a11e3b0b92915fcc91decb", 0x13, 0x7}, {&(0x7f0000000a80)="08df9aa5065536f888a437ee15553ce32e12b4b4373dc2312fc2cf7aef1140c0415ec1c52d0f65251b3dfa0956938744e2840fdd162020fda33bbc05a3aa57320ddad7ff02a4897f860f686f9cbb3f2662b5291efaa71f1145a3b35f8ace610d07e0ee90471deaeaca2c41975fe0d9361a68601b12b33b8107281627a4a486ae390f7db633e2dd9a47610d02f5194b5d14c3d0940d085d357af308f6f44b447ceb8b", 0xa2, 0x5}], 0x440, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba380984ad8c254b6f73a5eb7532a00000000"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='cdg\x00', 0x4)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:44 executing program 4:
r0 = syz_open_dev$mouse(&(0x7f00000015c0)='/dev/input/mouse#\x00', 0x101, 0x2)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="f04000001a0075430000000000000000fe8000000000000000000000000000bbff0200000000000000000001800000000000730982e772f382b8000000001e7a316d8c8c1d789ddbc99e8cfaeb4240cd7c077f73790755339eac7e4f491fad5fa42261a312e06e62bd16552b44d475934ff7000000000000a962023d6cfce4c70c422fab96336388f1b5d26b30ea8f68495150ba86055eb70597e14693507a6a", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000000000000000000000b20015878a77c9d5cbb5a7959fc35c342e82b9006f35b07cd3cd9b2a6f5cca7dc37c2ccb177a7e2da1d498131cd24586d2384a4d75324833904108262d2224e686c817"], 0xf0}}, 0x0)
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x280000, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r2, 0xc1004111, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000680)={0x5, 0x6, 0xfffffa3c, 0x20})
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
epoll_create1(0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x42000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xcc, 0xcc, 0x5, [@ptr={0x7, 0x0, 0x0, 0x2, 0x4}, @fwd={0x4}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x3, 0x100}}, @typedef={0x1, 0x0, 0x0, 0x8, 0x3}, @union={0xf, 0x5, 0x0, 0x5, 0x0, 0x0, [{0x1, 0x2}, {0xb, 0x11, 0xcbb4}, {0xe, 0x5, 0x5}, {0x1, 0x1, 0x401}, {0x1, 0x0, 0x8000}]}, @restrict={0xc, 0x0, 0x0, 0xb, 0x4}, @const={0x10, 0x0, 0x0, 0xa, 0x3}, @const={0x2, 0x0, 0x0, 0xa, 0x3}, @func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0xd, 0x4}, {0xe}, {0xa, 0x2}]}]}, {0x0, [0x0, 0x2e, 0x2e]}}, &(0x7f00000001c0)=""/55, 0xe9, 0x37, 0x1}, 0x20)
r4 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x4000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f0000000140)={0xe0, @tick=0x8, 0x80, {0x6, 0xff}, 0x9, 0x3, 0x3f})
mmap(&(0x7f000005b000/0x4000)=nil, 0x4000, 0x0, 0x10000000000031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2000000000002)
close(0xffffffffffffffff)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r5, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
tee(r5, 0xffffffffffffffff, 0x2, 0x1)
getpid()
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
clock_gettime(0x0, &(0x7f0000000800)={<r7=>0x0, <r8=>0x0})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r6, 0xc05c5340, &(0x7f0000000840)={0x400, 0x5, 0x4, {r7, r8+10000000}, 0x5, 0x4})
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:55:44 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  962.412846][T10679] FAT-fs (loop1): invalid media value (0x2e)
[  962.540139][T10679] FAT-fs (loop1): Can't find a valid FAT filesystem
09:55:44 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x0, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:45 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r8, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r9}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r9}, 0x30)
r10 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r10, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r10, r10, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r10, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r9}, 0x30)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r11 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r11, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r12 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r11, r12, 0x0, 0x8482)
getsockopt$inet_pktinfo(r12, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:45 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:45 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:45 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x0, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  963.194199][T10679] FAT-fs (loop1): invalid media value (0x2e)
[  963.200253][T10679] FAT-fs (loop1): Can't find a valid FAT filesystem
09:55:45 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
dup3(r2, r1, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
accept4(0xffffffffffffffff, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x777, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

09:55:45 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x0, 0x8, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:45 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
r5 = gettid()
tkill(r5, 0x1000000000016)
r6 = getpgrp(r5)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={r6, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000100)='f2fs\x00', r4}, 0x30)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r7, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r7, r7, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r7, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r8, 0x2405, r9)
r10 = gettid()
tkill(r10, 0x1000000000016)
perf_event_open(0x0, r10, 0x100000000000f, r9, 0x2)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r11 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r11, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r12 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r11, r12, 0x0, 0x8482)
getsockopt$inet_pktinfo(r12, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:45 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  963.716533][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  963.716553][   T26] audit: type=1804 audit(1575885345.706:1080): pid=10825 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/888/file0/bus" dev="sda1" ino=16801 res=1
09:55:45 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x8482)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x101, 0x80000000, 0x1, 0x7, 0xff, 0xec, 0x4, 0x0, 0xfffffffffffffff8, 0x6, 0x800, 0x67, 0x81, 0x8e], 0x4000, 0x1})
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r7, 0x4068aea3, &(0x7f0000000380)={0x7b})
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r8, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
fsetxattr$trusted_overlay_origin(r8, &(0x7f0000000100)='trusted.overlay.origin\x00', &(0x7f0000000140)='y\x00', 0x2, 0x3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
fcntl$lock(r10, 0x26, &(0x7f0000000080))
fcntl$lock(r10, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r9, r10, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
fcntl$lock(r12, 0x26, &(0x7f0000000080))
fcntl$lock(r12, 0x26, &(0x7f0000000180)={0x40001, 0x0, 0x0, 0x3ac})
dup3(r11, r12, 0x0)
accept4(r11, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x6b6, 0x80000)
r13 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r14, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r13, 0x2405, r14)
fcntl$setsig(r14, 0xa, 0x3)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0x12000})
r15 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$KDGKBMETA(r15, 0x4b62, &(0x7f0000000080))
ioctl$KVM_RUN(r7, 0xae80, 0x0)

[  963.900471][   T26] audit: type=1804 audit(1575885345.876:1081): pid=10823 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/888/file0/bus" dev="sda1" ino=16801 res=1
09:55:46 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x0, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:46 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, &(0x7f0000000080)={{0x2, 0x0, @reserved="ee9901e56c4a0b87158b2f388a6338e21f684d6cfc43e02fa37c1ec504fbbe99"}})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x4], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:46 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:46 executing program 4:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0)=0x3209000000000000, 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:46 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x0, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:46 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
sendmsg$tipc(r3, &(0x7f0000000280)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x1, {{0x2, 0x3}, 0x3}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000100)="a0757a58ca62800c4c02b6c12f3a2a7021789536612cac077e52409872a5d4e2672aa9e3ff4450982c6b9a511d30525038cf0f2877ac7921f56fd7022883ca7c0f5bfebc6e80c8436e79bb3c09521eeae39ea7cd1ae91a5552c32c2b3be84360cfd4fe78ec174b75f9f1d66229d1773c6a72812871f0d87677074b2f90375b0cfcaa8f764ba62d8b9904342f33c405c6b646d3c31677494b14986a61", 0x9c}, {&(0x7f0000000200)="51be57b217f9d2d3e5bda07fa8753c1b1579661694c2ec0798c4de21e3ec2e9f9b264091f75e984589e592", 0x2b}], 0x2, &(0x7f0000000400)="7791b2d1d9875b237d0d9f020828dde89f9e545d2269def2d808f2a13317f385de9ee8dbb5a3d1c0ae40a27d9f3c6af772ee2bc885a736604b4005fdcd2f9f80ea2fb0061e27c66e6f68f23a2d8b35478de84087f4be5755e8b754512fe64f5ae4ab18d2f3ff9e9f2931849402b495a66120f9a7103662432a38", 0x7a, 0x8082}, 0x80)
accept4(r1, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000500)=0xffffffffffffff2d, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0xfffffffffffffffc, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x2], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:46 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x0, 0x8, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  965.027334][   T26] audit: type=1804 audit(1575885347.016:1082): pid=11280 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/795/file0/bus" dev="sda1" ino=16676 res=1
[  965.136232][   T26] audit: type=1804 audit(1575885347.116:1083): pid=11490 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/889/file0/bus" dev="sda1" ino=16829 res=1
09:55:48 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="d6751d6d446acecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a438072518db8c9e4cbaee06ac58f920b7a88a303c8d1b6b63ba3a098120488ff4ad8c254b6f78297dadfc4e41569038686421b"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:48 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x0, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:48 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:48 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getpeername$unix(r1, &(0x7f0000000100)=@abs, &(0x7f0000000080)=0x6e)
dup3(r2, r1, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x7)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaaad66, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000200)={0x9e, 0x2, 0x8})
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1], 0x12000, 0x40})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:48 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:48 executing program 4:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  966.904319][T11710] kvm_hv_get_msr: 610 callbacks suppressed
[  966.904334][T11710] kvm [11703]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000037
[  966.986288][T11710] kvm [11703]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000057
[  967.050622][T11710] kvm [11703]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000008f
[  967.096587][T11710] kvm [11703]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000044
[  967.129708][T11710] kvm [11703]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000034
09:55:49 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x0, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x3, 0xfffffffffffffff8, 0xfffffffffffffffd, 0x4cb, 0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x10000000], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  967.241487][T11927] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
09:55:49 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  967.322807][T11927] FAT-fs (loop1): Filesystem has been set read-only
[  967.351923][T11927] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  967.416897][   T26] audit: type=1804 audit(1575885349.406:1084): pid=11960 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/598/file0/bus" dev="loop1" ino=460 res=1
09:55:49 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x0, 0x6, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  967.572236][   T26] audit: type=1804 audit(1575885349.436:1085): pid=11932 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/890/file0/bus" dev="loop5" ino=459 res=1
09:55:49 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup3(r1, r0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab270, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

09:55:49 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x5457, &(0x7f0000000100))
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  967.710597][   T26] audit: type=1804 audit(1575885349.456:1086): pid=11937 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/796/file0/bus" dev="sda1" ino=16723 res=1
09:55:49 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:49 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  967.800811][   T26] audit: type=1804 audit(1575885349.516:1087): pid=11930 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/890/file0/bus" dev="loop5" ino=459 res=1
[  967.869195][T12153] kvm [12152]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000008c
[  967.877907][T12153] kvm [12152]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000086
[  967.916221][   T26] audit: type=1804 audit(1575885349.536:1088): pid=11931 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir277592306/syzkaller.2XkVD1/796/file0/bus" dev="sda1" ino=16723 res=1
09:55:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
r5 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x8482)
ioctl$TIOCGSID(r6, 0x5429, &(0x7f0000000080))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r7, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

[  967.988433][T12153] kvm [12152]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000007a
[  968.041048][T12153] kvm [12152]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000074
[  968.058799][T12153] kvm [12152]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000006e
[  968.301907][T12271] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
09:55:50 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:50 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x0, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  968.437905][T12271] FAT-fs (loop1): Filesystem has been set read-only
[  968.496448][T12271] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  968.514417][   T26] audit: type=1804 audit(1575885350.506:1089): pid=12392 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/891/file0/bus" dev="loop5" ino=462 res=1
09:55:50 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000005a00014a000000000000000000000000abbf2c137cf243f34e9e95300953eff606000000000000009cdbd7d0c1b5990ecbb31d1d66970aaef7a2676df5c86e42534850370a1c9353eb35ed6a7e3b4eac10079f6786"], 0x14}}, 0x0)

09:55:50 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000080)=0x60)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:50 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0x30)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r5, r5, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r6 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
setsockopt$nfc_llcp_NFC_LLCP_MIUX(r5, 0x118, 0x1, &(0x7f0000000100)=0x3, 0x4)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x8482)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:50 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:50 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x0, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:50 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:51 executing program 4:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000280)=ANY=[@ANYBLOB="b7000000a5517f5fbfa30000000000004603000028feffff7a0af0fff8ffffff71a4f0ff00000000b706000000000001dd400200000000003406000001ed000071185400000000002e640000000000007b0300fe000000008500000013000000b7000000000000009500000000000000023bc065b7a379d179fc9e88af69912435f1b6a693172e61917adef6ee1c8a2b4f8ef1e50beca090d32050e436fe275daf51efd601b6bf01c8e8b1b5e4fef3bef7054815ae98743d1ace4c46631256dd19aed0d600c0da7c89edff3128e599b0eaebbdbd7359a48f5b0afc646cb7796001b1470d1259965a7209006d12cc8d46e5512bb71eef5b7ea11fc21142baa608cd8d08b097a59f9fef8bbbf3ae000be3dc3c1248abe55f0200000000000000923f3feebe02ae182309641b5185bd9691daebc6b9dbfc310dc8b1343728b37cd316399db20a93df9f0a3fcc9a43c8ee047b94a8395615f9068dc33e53627a7e36c2a941c6b4553ced3bd75ccee3173a76ecb5706d0196e029683c0b4bed2f438c1ea7daa69f613be08408c1bb4e1d267710d6eff209a9de6e268fba34cfc8d7ef948e12984f"], &(0x7f00000001c0)='\x00\xf1)\r*\xbbzL\x8e7\x9e\xaa\xb3y\xb9\xfa!\xad!\xb4\xd4\x94\xa0\x86\xcf\x12#\xb4\xd3n$\x85\x06k\xb2\xf9\xd5\"\xfe\x86 \b\x7f\xe8\x8a\xcf\x89\x9b\xbaR]\xf5{J\x84\x15\xf9)\xf3\xc8\xd5`\xe6\xe6\x9eI\x02\xce\x1fI\xa8w\xc3#\xba\xf5\xe9\xea>\xc7\xab2,\xa0\x84t\xce\x04Tf\xc5\xfe`\'\x9b\xe2MH%\x93\x028\xcb\x0f\xdb\x16\xe2l\x80\xe6\xcd\xceW\x01SS-o`X\xf6\xa4\xc1|\xbe\xc4\xf0\xac1zp\xc9\x89\xef.\xa4\x91\xb4\xf3('}, 0x48)

09:55:51 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r5)
r6 = dup2(r5, r2)
getsockopt$XDP_MMAP_OFFSETS(r6, 0x11b, 0x1, &(0x7f0000000100), &(0x7f0000000080)=0x80)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r8, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000005, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

09:55:51 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x0, 0x9, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  969.244841][   T26] kauditd_printk_skb: 3 callbacks suppressed
[  969.244859][   T26] audit: type=1804 audit(1575885351.236:1093): pid=12702 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/600/file0/bus" dev="sda1" ino=16630 res=1
09:55:51 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  969.470856][   T26] audit: type=1804 audit(1575885351.336:1094): pid=12574 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/600/file0/bus" dev="sda1" ino=16630 res=1
09:55:51 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xe, &(0x7f0000000140), 0x2f)

09:55:51 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6, 0x0, 0x0, 0x1f})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  969.776766][   T26] audit: type=1804 audit(1575885351.766:1095): pid=13011 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/892/file0/bus" dev="loop5" ino=463 res=1
[  969.810730][T12950] sock: process `syz-executor.4' is using obsolete setsockopt SO_BSDCOMPAT
09:55:51 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  969.938148][   T26] audit: type=1804 audit(1575885351.886:1096): pid=13053 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/600/file0/bus" dev="sda1" ino=16630 res=1
09:55:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:52 executing program 4:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, '\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00p\x80\x00', 0x1}, 0x37b)
ioctl(r0, 0x8916, &(0x7f0000000000))
ioctl(r0, 0x8936, &(0x7f0000000000))

09:55:52 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./bus\x00', 0x800000000e004, 0x137, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0xff81, 0x4, 0xa61bfd43b0977a78}, 0x4)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r4, r4, &(0x7f00000001c0), 0x8080fffffffe)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={r4, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000580)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7cbd80927a2aaea7c4755c1b8438a2d86a4af71157a2d4bd27e1b8b378485241d9c43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532acfd3ba1f5c1e5e10a9885cba22428ed0f822a031ca52d99c1d0f1cb26011c0be46a065736848649a68d5db9f3621a3c78ea3e7f43cb161fe28653d5de7c73b4eaf588a9c6bf30758d0e886ae2e35e9127c"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f00000006c0)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c01e97b6a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  970.133257][   T26] audit: type=1804 audit(1575885351.896:1097): pid=12702 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/600/file0/bus" dev="sda1" ino=16630 res=1
09:55:52 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  970.201246][   T26] audit: type=1804 audit(1575885351.916:1098): pid=12875 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/892/file0/bus" dev="loop5" ino=463 res=1
09:55:52 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:52 executing program 4:
r0 = socket$inet6(0xa, 0x3, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
r1 = socket$packet(0x11, 0x2000000000000003, 0x300)
getsockopt$sock_int(r1, 0x1, 0x2d, &(0x7f0000000040), &(0x7f0000000080)=0x4)

09:55:52 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
setsockopt$inet6_tcp_TLS_TX(r4, 0x6, 0x1, &(0x7f0000000180)=@ccm_128={{0x303}, "2bf52c2b37ffcbf1", "bf6454d0eb3ddd0d3e1d65c94cb353e6", "e7ea2091", "d0a216d0c0fafe82"}, 0x28)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
r6 = shmget$private(0x0, 0x4000, 0x200, &(0x7f0000ffa000/0x4000)=nil)
shmctl$SHM_UNLOCK(r6, 0xc)
shmctl$SHM_STAT(r6, 0xd, &(0x7f0000000900)=""/4096)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r8 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsu\x00', 0x486c02, 0x0)
ioctl$KDFONTOP_COPY(r8, 0x4b72, &(0x7f0000000100)={0x3, 0x1, 0x15, 0x2, 0x4, &(0x7f0000000500)})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x2, 0x3, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r7, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

09:55:52 executing program 4:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f00000060c0)=[{{&(0x7f0000000180)={0x2, 0x4e24, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000440)=[@ip_tos_u8={{0x11}}], 0x18}}], 0x1, 0x0)

09:55:52 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r5}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r5}, 0x30)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r5}, 0x30)
fcntl$setown(r3, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
fsetxattr$security_ima(r1, &(0x7f0000000100)='security.ima\x00', &(0x7f0000000340)=@ng={0x4, 0x10, "57a456d581250597b30716"}, 0xd, 0x1)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x8482)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:52 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000100)={<r6=>0x0, 0x340f}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={r6, 0x4}, 0x8)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

09:55:52 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:52 executing program 4:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
r1 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$SO_TIMESTAMP(r1, 0x1, 0x1600bd5c, &(0x7f0000000040), &(0x7f0000000080)=0x4)

[  970.955391][   T26] audit: type=1804 audit(1575885352.946:1099): pid=13619 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/893/file0/bus" dev="loop5" ino=464 res=1
[  971.170289][   T26] audit: type=1804 audit(1575885353.156:1100): pid=13588 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir334181620/syzkaller.4JfTNJ/893/file0/bus" dev="loop5" ino=464 res=1
[  971.226830][T13625] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  971.262320][T13625] FAT-fs (loop1): Filesystem has been set read-only
09:55:53 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  971.270631][   T26] audit: type=1804 audit(1575885353.186:1101): pid=13632 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/602/file0/bus" dev="loop1" ino=465 res=1
[  971.307768][T13625] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  971.337440][   T26] audit: type=1804 audit(1575885353.316:1102): pid=13618 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100869913/syzkaller.GI7b3r/602/file0/bus" dev="loop1" ino=465 res=1
09:55:53 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:53 executing program 4:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0x0, <r1=>0x0})
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380), 0x10000023, &(0x7f00000002c0)=""/77, 0x42e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0x6129cde3}], 0x6e, &(0x7f00000001c0)=""/17, 0x10036, 0x7301}, 0x3f00)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x47, &(0x7f0000000000)}, 0x0)

09:55:53 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:53 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
sendfile(r11, r11, &(0x7f00000001c0), 0x8080fffffffe)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:53 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:53 executing program 1:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r4}, 0xc)
r5 = gettid()
tkill(r5, 0x1000000000016)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={r5, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r4}, 0xe9a8880124ab16ef)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r6, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d2b2b69a611e8141902d0d82b088310b1d10ae6521005dd2eb39f8953a76e61ed465a8b1dddcfe7d0bdb4a37c7dcd80905a2aaea7c4755c1b8438a0f00000000000000807251aee01f008f920b7a88a103c8d144253ba3a0981204dc124aff88ff4ad8c254b6e73a85804021e429ba2ad433b5810fe10600594de4bd14f63df275883b04a9da8d3c38dcd83381"], 0x6b)
sendfile(r6, r6, &(0x7f00000001c0), 0x8080fffffffe)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r4}, 0x30)
fcntl$setown(r2, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r7 = socket$inet6(0xa, 0x3, 0x2c)
r8 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r8, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fac76d189ee76e5611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532500000000000000"], 0x6b)
sendfile(r8, r8, &(0x7f00000001c0), 0x8080fffffffe)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}, 0x7}, 0x1c)
r9 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r9, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r10 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r9, r10, 0x0, 0x8482)
bind$inet6(r9, &(0x7f0000000100)={0xa, 0x4e22, 0x4, @local, 0x7fffffff}, 0x1c)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r7, r11, 0x0, 0x8482)
getsockopt$inet_pktinfo(r11, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

09:55:53 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000000105042, 0x0)
write(r6, &(0x7f0000000200)="fdf01ae741043030219708b2e9a22414e8d9058cf44eecab83b2d28ce64965047f8122da91f2e47e046e9fc35c2d106b78bb06f5b13160ed8a0a91995e8bbea8ac66f5be7c659e654eb9a9efdeefbc8d4a0fcd31a782ec5ae3041b5f8e3a500e264144e3a5619c3a4a9f4cb16916f8910013ffc1345747a696f594e72965e81a225914af246f9a4584f20ec6b6135a9e5632230520a7bc370d9291675212ad7eb5673a1c4d7d03c415df3aab729ca15c3322d4b94626a6e508f5f2adf8f408b6799166f31c4e87ccdc3189b590ffba8b409111c7f6d36aae697d578d8024684647314eb25ee33f8392b42e5ecef3b52e19ebf6f1028cb8dcc54a11dd11b8adbb532b99d457453fbe3277a0c98672a9566c339311a4c007a143106f15054e01cafdcf6f9c6a17fb9ca3362a3a01cfedc8dbfe8bffa12dd17ba0be258156d1b4ef6f136711e49103776540bb986882aba0b7cff4e0102b105f9bea091a1b037373fcdc9f1fadfa9d21ff8f42156f74694d55058084ad477ce6c8bf47641c64d1cfe008025d87e5a02d3eba8d253e30062bdc7fe046bd590131d17ccc73a5ea27c8fb4bf752965f16301176416f440d11db988ad92726c693c5aa5b3ca28bc31ced72d0f4d12cb03fb261fe08e79e78f7aad21dc40cd694ec6e2bcb97be1c67fe59a6564924aaaa280aa94e04b9cb05bb8a0325a5d65f16cd0f8f09286a07382dce", 0x2fde00)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000240)={0x9, 0x1f, 0x2, 0x4121, 0x8})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000080))
r7 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-monitor\x00', 0x4000, 0x0)
accept(r7, &(0x7f0000000100)=@llc, &(0x7f0000000180)=0x80)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:55:53 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:54 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:54 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000000100)={'raw\x00'}, &(0x7f0000000080)=0x54)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0xfffffffffffffff9, 0x40000000000004cb, 0x0, 0x0, 0x100000, 0x0, 0x7, 0x800, 0x0, 0x1], 0x4})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:55:54 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:55:54 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='/\x00~WMz\x0f0\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xe8\xd3\x83dx-c\xb6a(T\xb2\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e\t\x00\x00\x00\x88\xa4H\xce\x98]\x92\agm0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\n\xd8\x1e\xd8\xda2NDcq\xef\x1eu\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xeb\x8e\x14\x03w\xaao\xb3\x17\x00\xf18\xdcM~\b\xd5|(*g\xdeZu\xc5G\x1f\x81\x00\x00\x00\x00\x00\x00\x00\x9bS\x98\x17\xdb\xa7\x7fK\x93\xcf\xe7-\x19\\I\x1f\xb6\'d\xfce\x92\xe0m\xd0\xa7\xf6:\xbb\xd4\xc6\xe3/_\xa1\x9fnM\xc0t\xd8$\xfc|i\x80@\xc7\xe8\xb2q6\xfa\xd5~b\x89B\xb4i\xeeGh\\\x94\"\xbf\xc1\x99*Lv\xa4\xa3\x91&\xd2\x14\x02\xb9g-*\xa0\xf8\x9b\x04,\xa8\x98%-\x1e%\xf8L\x01\xbe\x87\xd4\x8c\x9d\x9c\r9\xfb#\x1d\xd7\xc0\xe6E\x81\x16c\xeaN\xb8\xfb\x06\xd2\x01\a\xc7\x9e\xb1\x85Xu\xc9v\xe5X\xe6\xe3\xf3\x16\xc4\x88\x03%M3\xec=c\x84\xeb\xc2\xb0\x87\xfdb\xa9\xa4\xe6\xd8\xe5\xeaq/\x1e\xbcW\xec+\xa3f\x9a\x91Tr\xe0N\\\xc5\xb8\x91\xbb\xa5a\xc7OzWcr\xdd\xeb2\xa8\xd2=7}\'B\xcb\xcb\x97\xb7\x99\x03\x85z\xb1\xb4\x84\xd8,\xb4{\x80\xec7\x96\f\x03~\x9b\xfa_0\x82\xc4\xaaD\xa2\x8cU\x96\xa66\xa5\xf4\xeb\xc2\xe3=P\xee\xee\xe2o\xa6\xa2\xbf\x9b\xa2\v\xb9\x9ewi\x94\x1a\xf2\x98\x19\x18\xfdR\xed:\x10-\xaeJ\x92{KA\xda|\xabl|\xfe\xaaKK\xb2:', 0x0, 0x0)
close(r0)

09:55:54 executing program 2:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x40, 0x8, 0x8, 0x6})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  972.501594][T14189] kvm_hv_get_msr: 477 callbacks suppressed
[  972.501610][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000061
[  972.604674][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x4000000d
[  972.621293][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000019
[  972.640017][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000079
09:55:54 executing program 4:
perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200000d000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00d057b68cfa70c23389fc6c7fbbd3f03def00000001130bf8c7c55cd9e094875a8700006f8509009b50d015ce6487d4ef5ec05941e786417dc08409307012879e4f30f76e95de4a4f120cead02df8cb3f485163f877f5f6bab338c36e77a37243091ecc41ca61f2faf128102659a9c119e8a2c4a74f236eb1c0ef3b00000000000000000000000000000000000000000057e5cdea000000000000000000000000000000000000003625b7269beef28b0dd4c50a00d7af98f40500000000000000d84a1cc529b115debfc1f9cf5f9362cfdca252e9eb1419e760a2e2bd6042e72426add1c057130d9b97d418e97eeae5f4240489b83c3295c2cba8368928f93e0000000000"], 0x105)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x18000000000002a0, 0xb9, 0x0, &(0x7f0000000500)="b9ff0300000d698cb89e14f088a8000fffff0000ab00638877fbac141421e9", 0x0, 0x100}, 0x28)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_subtree(r1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacBt.usage_user\r', 0x0, 0x0)
socket$kcm(0x2, 0x0, 0x2)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)

09:55:54 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b})
accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_S_DV_TIMINGS(r6, 0xc0845657, &(0x7f0000000100)={0x0, @bt={0x7, 0x4, 0x1, 0x3, 0x8, 0x471c, 0x6, 0xffffffbb, 0xd8, 0x6, 0x824, 0x4, 0x7, 0x80000001, 0x4, 0x1}})

[  972.660560][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000015
[  972.670049][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000039
[  972.705758][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000039
09:55:54 executing program 5:
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'veth0_to_bond\x00'}, 0x18)
socket(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$vcsn(0x0, 0x0, 0x8003)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6d73a5eb7532a"], 0x6b)
sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r3, &(0x7f00000006c0)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a7950878e24d651199437ae46d4d1ff26f0b5946a6396c2d8e4b77cc3ad4b78c8e2980c0a056eb39a52737f8b87f1309b50668495e595f9be98a59817f360d811644caf42f3084a082c39eebccfb665503ba3ffc3afaee683dabbbe94f420f9a301d6"], 0x6b)
sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe)
r4 = socket$inet(0x2, 0x100000000805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x1bb)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r6}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r7=>r6, 0x0, 0x4, [0x7f, 0x3, 0x2, 0xff]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={r7, 0x8}, 0x8)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r9, 0x4, 0x2000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0x8, 0x2}, &(0x7f0000000200)=0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r10}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000980)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='f2fs\x00', r10}, 0x30)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="d6751d6d4465cecb2ca1abb39655e1da420fcf76d189ee76e5ddb334d232b69a611e1ed465a8b1dddcfe7d0bdb4a37c7dcd80927a2aaea7c4755c1b8438a2d86a4af71157a43807251aee06ac58f920b7a88a103c8d1b6b63ba3a098120488ff4ad8c254b6f73a5eb7532a"], 0x6b)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r11, 0xc0a85352, &(0x7f0000000480)={{0x7, 0x64}, 'port0\x00', 0x1, 0x10840, 0x8, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x1, 0x9})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000280)='eth0nodevlo\x00', r10}, 0x30)
fcntl$setown(r8, 0x8, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="3a258211f663a7724bdef6a53bfce1e775d740627227b11e2daf85534aa6f5083067b0248878f07a91df1acc99e664c11cbf51b4f6bff473492cfc5ead68cb6a050655a837ad411cb73394239fdd9e33efb5b63c5ff85708d8994e34841e04ec5f4962c4636b7fb34f186b86bb0467bdd13133ef429bda82f9b8e15eae491432dd2a52707c9ff05a83380901aeeba6a468acc0159117074b79e3eae14d824500eef64107f2ce8e640653058270aa2695952d83c594a125149b91f5ef4021dfcdb74078938059110bd142f3c312c6ecfa636c2567683920c19b877c0100b56a570369b4a3f1d5c222e90a05b5fbfad863ae8a14c85cf21dc7ae5e1ed8ee86c42b4c4b52f5f951d46e18aaa93e909ccf37a43455b24102c998836b67ed7064869a18b2d66a5a45630aad8094ca93f6085a68197469c0ab01a37f699b9cc9"], 0x13d)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
r12 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r13 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r12, r13, 0x0, 0x8482)
getsockopt$inet_pktinfo(r13, 0x0, 0x8, &(0x7f0000000040)={0x0, @loopback, @initdev}, &(0x7f0000000080)=0xc)

[  972.778161][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000069
[  972.807511][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000036
[  972.829896][T14189] kvm [14188]: vcpu0, guest rIP: 0x4a Hyper-V unhandled rdmsr: 0x40000005
09:55:54 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaab1c3, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x0, 0x7fffffff, 0x581]})
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000100)={0x7f, 0x3, 0x6})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x4, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  973.518703][T14424] ==================================================================
[  973.527052][T14424] BUG: KCSAN: data-race in atime_needs_update / fat_truncate_time
[  973.534858][T14424] 
[  973.537195][T14424] read to 0xffff8880b3d057e0 of 8 bytes by task 14355 on cpu 0:
[  973.544835][T14424]  atime_needs_update+0x1f7/0x360
[  973.549874][T14424]  touch_atime+0x63/0x190
[  973.554208][T14424]  generic_file_read_iter+0x116e/0x1440
[  973.559915][T14424]  generic_file_splice_read+0x35c/0x500
[  973.565564][T14424]  do_splice_to+0xf2/0x130
[  973.569994][T14424]  splice_direct_to_actor+0x1a1/0x510
[  973.575367][T14424]  do_splice_direct+0x161/0x1e0
[  973.580224][T14424]  do_sendfile+0x384/0x7f0
[  973.584651][T14424]  __x64_sys_sendfile64+0xbe/0x140
[  973.589778][T14424]  do_syscall_64+0xcc/0x370
[  973.594291][T14424]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  973.600178][T14424] 
[  973.602721][T14424] write to 0xffff8880b3d057e0 of 8 bytes by task 14424 on cpu 1:
[  973.610454][T14424]  fat_truncate_time+0x145/0x2e0
[  973.615821][T14424]  fat_update_time+0x75/0x1c0
[  973.620522][T14424]  touch_atime+0x172/0x190
[  973.624967][T14424]  generic_file_read_iter+0x116e/0x1440
[  973.632532][T14424]  generic_file_splice_read+0x35c/0x500
[  973.638088][T14424]  do_splice_to+0xf2/0x130
[  973.642515][T14424]  splice_direct_to_actor+0x1a1/0x510
[  973.648001][T14424]  do_splice_direct+0x161/0x1e0
[  973.652865][T14424]  do_sendfile+0x384/0x7f0
[  973.657295][T14424]  __x64_sys_sendfile64+0xbe/0x140
[  973.662424][T14424]  do_syscall_64+0xcc/0x370
[  973.667033][T14424]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  973.672921][T14424] 
[  973.675252][T14424] Reported by Kernel Concurrency Sanitizer on:
[  973.681417][T14424] CPU: 1 PID: 14424 Comm: syz-executor.5 Not tainted 5.4.0-syzkaller #0
[  973.689904][T14424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  973.699972][T14424] ==================================================================
[  973.708174][T14424] Kernel panic - not syncing: panic_on_warn set ...
[  973.714785][T14424] CPU: 1 PID: 14424 Comm: syz-executor.5 Not tainted 5.4.0-syzkaller #0
[  973.723112][T14424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  973.733172][T14424] Call Trace:
[  973.736481][T14424]  dump_stack+0x11d/0x181
[  973.741024][T14424]  panic+0x210/0x640
[  973.744950][T14424]  ? vprintk_func+0x8d/0x140
[  973.749560][T14424]  kcsan_report.cold+0xc/0xd
[  973.754169][T14424]  kcsan_setup_watchpoint+0x3fe/0x460
[  973.759772][T14424]  __tsan_unaligned_write8+0xc4/0x100
[  973.765246][T14424]  fat_truncate_time+0x145/0x2e0
[  973.770199][T14424]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  973.775935][T14424]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  973.782196][T14424]  fat_update_time+0x75/0x1c0
[  973.786888][T14424]  ? __read_once_size.constprop.0+0x20/0x20
[  973.792801][T14424]  touch_atime+0x172/0x190
[  973.797268][T14424]  generic_file_read_iter+0x116e/0x1440
[  973.803022][T14424]  generic_file_splice_read+0x35c/0x500
[  973.808584][T14424]  do_splice_to+0xf2/0x130
[  973.813000][T14424]  ? add_to_pipe+0x1a0/0x1a0
[  973.817596][T14424]  ? add_to_pipe+0x1a0/0x1a0
[  973.822184][T14424]  splice_direct_to_actor+0x1a1/0x510
[  973.827554][T14424]  ? generic_pipe_buf_nosteal+0x20/0x20
[  973.833119][T14424]  do_splice_direct+0x161/0x1e0
[  973.837978][T14424]  do_sendfile+0x384/0x7f0
[  973.842396][T14424]  __x64_sys_sendfile64+0xbe/0x140
[  973.847813][T14424]  do_syscall_64+0xcc/0x370
[  973.852338][T14424]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  973.858223][T14424] RIP: 0033:0x45a6f9
[  973.862260][T14424] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  973.881857][T14424] RSP: 002b:00007fba271e6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  973.890419][T14424] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a6f9
[  973.898385][T14424] RDX: 00000000200001c0 RSI: 0000000000000006 RDI: 0000000000000006
[  973.906554][T14424] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  973.914618][T14424] R10: 00008080fffffffe R11: 0000000000000246 R12: 00007fba271e76d4
[  973.922629][T14424] R13: 00000000004c905a R14: 00000000004e0c50 R15: 00000000ffffffff
[  973.932524][T14424] Kernel Offset: disabled
[  973.937054][T14424] Rebooting in 86400 seconds..